what
- a powerful, dynamic, interactive binary visualization tool
why
- obfuscated file headers
- no headers
- multiple binaries embedded in a single blob
- unique instruction sets
- proprietary data formats
- overwhelming complexity
- steganography
- memory dumps
- rapid RE
- triage
- firmware
- forensics
- dust
introducing visual RE
- sift through megabytes of data in seconds
- rapidly conceptualize a file
- identify based on patterns, not headers
- break out embedded types
- visualize data tampering
- investigate structure, a priori
- isolate areas of interest
- make no assumptions about the underlying data type
even arbitrary data has a visual fingerprint