A deeper dive from the attacker's perspective.
IOActive experts dissect the physical and logical security of your solution to identify weaknesses and vulnerabilities that could allow hackers to retrieve confidential or secret data or to subvert the system for unauthorized use or malicious attack. Our teams employ advanced custom techniques to spot implementation issues, analyze the use of cryptographic primitives, and uncover hidden backdoors intentional or otherwise.
IOActive will reverse engineer binaries to:
- Discover vulnerabilities
- Identify how a process works, such as an authentication method
- Document existing proprietary network protocols or file formats
- Gather necessary information for other testing techniques, such as fuzzing
- Trace the use and storage of sensitive information, such as accounts, certificates, encryption keys
IOActive uses both static and dynamic reverse-engineering methods. We perform static reverse engineering offline, disassembling binaries, reviewing directory structures and files. By contrast, we perform dynamic reverse engineering while the target is executing. This allows us to leverage the target’s runtime behavior during our analysis. The runtime behaviors tell us what type of resources are used, such as files, network requests, and shared objects, and allows us to trace the execution flow and track the functions that are in use.
Understanding that reverse engineering an entire process is impractical, IOActive identifies interesting entry points, such as points where data is received from the network. We trace only those points or paths that are likely to produce security vulnerabilities. We use commercially available tools, such as IDA Pro, OllyDbg, and Hex-Rays Decompiler, as well as proprietary software tools to understand how the process works.