This pages summarizes some of the projects my students and I['m currently|had been] working on. All of our work is free software, thus patches and comments are appreciated.
demovfuscator is a generic deobfuscator for binaries that were compiled
using Christopher Domas' famous
M/o/Vfuscator. The current
release is able to reconstruct the CFG of the original program and partially
mov instructions by their equivalent high-level ASM
opcodes. Note that the
demovfuscator is work in progress software, i.e.
patches and comments are very welcome!
TCP_Stealth is an RFC draft and an extension for the Linux kernel providing a
modern version of port knocking for TCP sockets. Unlike other approaches,
TCP_Stealth is safe against active MitM attacks, is able to ensure the
integrity of the first TCP segment sent after the handshake, and requires only
minimal changes to existing applications (