Tuesday, June 03, 2008

Known API's and automated static code analysis

I did some quick work a few weeks ago on automating static code analysis by using known API's to generate information about data structures and logic flow. The work is not ground breaking but I felt the techniques are quite useful and I wanted to document them clearly for myself and others. You can grab the short paper here.

It's interesting that slides Halvar presented in 2004 on automating reverse engineering are entirely still relevant. He made a good point ... "no matter how stupid an analysis tool is, some programmers will make mistakes which are stupider". How true...

1 comment:

ICS Cyber Security said...

You did a great job.. Thanks a lot for sharing this useful informative post with us.. Keep on blogging like this informative post with us, to develop my career in the right way.

Automated static analysis