privacysavvy

privacysavvy

Thursday, November 30, 2023

[New post] FLARE Script Series: Querying Dynamic State Using The FireEye Labs Query-Oriented Debugger (Flare-Qdb)

Site logo image Malware Devil posted: "Introduction This post continues the FireEye Labs Advanced Reverse Engineering (FLARE) script series. Here, we introduce flare-qdb, a command-line utility and Python module based on vivisect for querying and altering dynamic binary state conveniently, it" Malware Devil

FLARE Script Series: Querying Dynamic State Using The FireEye Labs Query-Oriented Debugger (Flare-Qdb)

Malware Devil

Jan 4

Introduction

This post continues the FireEye Labs Advanced Reverse Engineering (FLARE) script series. Here, we introduce flare-qdb, a command-line utility and Python module based on vivisect for querying and altering dynamic binary state conveniently, iteratively, and at scale. flare-qdb works on Windows and Linux, and can be obtained from the flare-qdb github project.

Motivation

Efficiently understanding complex or obfuscated malware frequently entails debugging. Often, the linear process of following the program counter raises questions about parallel or previous register states, state

Manage your email settings or unsubscribe.

Trouble clicking? Copy and paste this URL into your browser:
https://devi.ly/flare-script-series-querying-dynamic-state-using-the-fireeye-labs-query-oriented-debugger-flare-qdb/

WordPress.com and Jetpack Logos

Get the Jetpack app to use Reader anywhere, anytime

Follow your favorite sites, save posts to read later, and get real-time notifications for likes and comments.

Download Jetpack on Google Play Download Jetpack from the App Store
WordPress.com on Twitter WordPress.com on Facebook WordPress.com on Instagram WordPress.com on YouTube
WordPress.com Logo and Wordmark title=

Automattic, Inc. - 60 29th St. #343, San Francisco, CA 94110  

at November 30, 2023
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest

No comments:

Post a Comment

Newer Post Older Post Home
Subscribe to: Post Comments (Atom)

Cat bond UCITS funds return 0.53% in January

The rolling 12-month return remains in double-digits for now ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌...

  • [New post] After Announcing a New CEO, is Lordstown Motors Worth Buying?
    Editorial Team posted: "To improve its market reputation and streamline its operations, on Aug. 26 electric vehicle (EV) ma...
  • [New post] Norwegian Black Metal Bands – Satanic or Psychotic?
    Dawn ...
  • End of week Artemis update - July 18th 2025
    A round-up of our ILS focused news from this week ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌...

Search This Blog
  • Home

About Me

privacysavvy
View my complete profile

Report Abuse

Blog Archive

  • February 2026 (14)
  • January 2026 (77)
  • December 2025 (79)
  • November 2025 (73)
  • October 2025 (88)
  • September 2025 (79)
  • August 2025 (71)
  • July 2025 (89)
  • June 2025 (78)
  • May 2025 (95)
  • April 2025 (85)
  • March 2025 (78)
  • February 2025 (31)
  • January 2025 (50)
  • December 2024 (39)
  • November 2024 (42)
  • October 2024 (54)
  • September 2024 (83)
  • August 2024 (2665)
  • July 2024 (3210)
  • June 2024 (2908)
  • May 2024 (3025)
  • April 2024 (3132)
  • March 2024 (3115)
  • February 2024 (2893)
  • January 2024 (3169)
  • December 2023 (3031)
  • November 2023 (3021)
  • October 2023 (2352)
  • September 2023 (1900)
  • August 2023 (2009)
  • July 2023 (1878)
  • June 2023 (1594)
  • May 2023 (1716)
  • April 2023 (1657)
  • March 2023 (1737)
  • February 2023 (1597)
  • January 2023 (1574)
  • December 2022 (1543)
  • November 2022 (1684)
  • October 2022 (1617)
  • September 2022 (1310)
  • August 2022 (1676)
  • July 2022 (1375)
  • June 2022 (1458)
  • May 2022 (1297)
  • April 2022 (1464)
  • March 2022 (1491)
  • February 2022 (1249)
  • January 2022 (1282)
  • December 2021 (1663)
  • November 2021 (3139)
  • October 2021 (3253)
  • September 2021 (3136)
  • August 2021 (732)
Powered by Blogger.