This is mostly a cross-post from Nahuel’s blog.
Our talk was titled “Dynamic Binary Instrumentation frameworks: I know you’re there spying on me“, and we presented about 20 techniques to detect if our code if being instrumented with a DBI-based tool, focusing on Pin, Intel’s DBI framework.
Some highlights from our experience at RECon:
- Montréal is a fantastic city. Delicious food, great beer, very nice people and a huge music festival: Les FrancoFolies!
- RECon conference was great. Top-level talks. RECon is THE reverse engineering conference, period.
- Our talk (our first talk ever at a conference!) went fine. The minutes before our talk we were nervous, but fortunately that feeling disappeared as soon as we put our feet on the speaker’s platform.
You can find the slides for our talk here . During our talk we have released a tool called eXait (the eXtensible Anti Instrumentation Tester), a benchmark-like tool to test all the anti-instrumentation techniques we’ve discussed during our presentation. You can download eXait (source+binaries) here.
UPDATE: Here are a couple of blog posts by other people reviewing talks from RECon, including our talk: