Static Instrumentation Based on Executable Formats

Recon Montréal & PST June 20, 2018

Talk given at Recon Montréal and PassTheSalt18 about static instrumentation and its use cases.

Many instrumentation techniques are based on modifying code or system environment of the target. It can be suitable for scenarios but it could not work under certain circumstance (integrity checking, non-rooted environment…) In this talk we propose similar techniques by only modifying the executable format. This enables to be architecture independent, injection and hooking does not require privileged environment.