Benoit

  • Total activity 32
  • Last activity
  • Member since
  • Following 0 users
  • Followed by 0 users
  • Votes 0
  • Subscriptions 17

Activity overview

Latest activity by Benoit
  • Benoit created an article,

    How to use Jupyter Notebooks with REVEN?

    This article describes how to use Jupyter Notebook, a powerful web interface for Python, with the REVEN Python API. To use Jupyter with REVEN, you will need to install Jupyter Notebook (if it is n...

  • Benoit created an article,

    Can I run REVEN on my own server?

    Yes, REVEN is designed to run on your own server. Just make sure that your server meets the system requirements. Please contact us if you have other needs, for example regarding usage of REVEN in ...

  • Benoit created an article,

    How large can the tainted buffer be?

    When tainting memory, the most important factor for performance is how often the tainted memory is manipulated, and how often CPU registers are involved in this manipulation. For example, tainting...

  • Benoit created an article,

    Can I change the course of the execution during the Replay?

    For the time being, you cannot change the course of the execution during the replay step. If you need to explore a different scenario, please record a new one. A reason for this limitation is that...

  • Benoit created an article,

    What is the maximum duration of a record of a scenario?

    As far as the duration of a scenario is concerned, the most limiting factor will be disk space. If you work on one trace at a time and follow the recommended specs, you can record anywhere between ...

  • Benoit created an article,

    Can I compare the traces of two scenarios?

    REVEN does not provide such a functionality out of the box for now. Still, you can build your own trace comparison using the Analysis API. It requires: finding the region of interest (symbol, proc...

  • Benoit created an article,

    Running stop.sh leads to `Error in subprocess, aborting`

    Affected releases: REVEN Professional starting from 2.4.0 REVEN Enterprise starting from 2.0.0 Full example of the error: $ ./stop.sh Traceback (most recent call last): File "/home/reven/rev...

  • Benoit created an article,

    Running start.sh leads to `Error : Cannot retrieve resources version compatible with the current reven `

    Affected releases: REVEN Professional starting from 2.4.0 REVEN Enterprise starting from 2.0.0 This error generally happens when a dependency is missing. The cause is that either install.sh was ...

  • Benoit created an article,

    What is the purpose of "Tag0" and "Tag1" in the taint widget?

    Tag0 and Tag1 in the taint widget indicate which data should be marked. Having 2 tags allow you to mark differently some pieces of data, for example: Tag0: rax Tag1: [0x123456; 8], rbx This w...

  • Benoit created an article,

    Can I inspect REVEN memory using Volatility?

    Yes, you can. A Volatility plugin can be found here. The plugin allows to use Volatility commands on any transition of a REVEN trace. In the Uroburos malware study, Volatility is used to dump bina...