BinDbg: Easy Windows Debugging for Binary Ninja

Dave Kukfa

Length: 20 Minutes

Location: Track 3 at 1430

Talk Description: IDA Pro -- the "gold standard" of binary analysis tools -- is very good at what it does, but it comes with a hefty price tag that is usually only justifiable to professional reverse engineers. Several alternatives have begun to challenge the status quo of reversing tools, including Binary Ninja: a powerful, affordable static-analysis tool. While I attempted to convert to using Binary Ninja, I often missed the fusion of static and dynamic analyses that IDA provided, and existing Binary Ninja debugger integrations were not designed with Windows users in mind. So, I wrote a plugin that syncs WinDbg to Binary Ninja to combine Binary Ninja's static analysis features (such as the disassembly graph and the IL) with the power of dynamic analysis (such as virtual function table resolution and knowing the outcome of branch instructions).

Bio: Dave Kukfa is a hobbyist reverse engineer by night and a security engineer focusing on corporate security by day. He graduated with a B.S. in Computing Security from RIT in 2017 and currently lives in the San Francisco Bay Area. You can find him on Twitter @kukfa_ and on his blog at https://kukfa.co.

