[Owasp-delhi] Reverse Engineering

Srikar Sagi srikarsagi at yahoo.com
Wed Jun 30 23:48:36 EDT 2010


these tools i.e. "Binary Analysis Tools" are pretty costly and they do support popular programming languages such as C, C++, Java etc.

Moreover, to be honest, there are plenty of Java disassemblers and its just a matter of one or two clicks by the time you get the code in front of your eyes.

However, I'm darn sure that, even for Security Vulnerability testing you are not supposed to do RE & definitely part of IT Policies & Acts of many countries apart from the EULA,  hence the "Binary Analysis Tools" business model came & is a very lucrative.

--Srikar
0917-66-176-99

--- On Thu, 1/7/10, chintan dave <davechintan at gmail.com> wrote:

From: chintan dave <davechintan at gmail.com>
Subject: Re: [Owasp-delhi] Reverse Engineering
To: srikarsagi at yahoo.com
Cc: owasp-mumbai at lists.owasp.org, dhruv.soi at owasp.org, owasp-delhi at lists.owasp.org, owasp-bangalore at lists.owasp.org
Date: Thursday, 1 July, 2010, 6:49 AM

Agreed! How about Java Applets?

I believe they are subject to manual decompilation. Correct me if I am wrong.

On Wed, Jun 30, 2010 at 9:13 PM, Srikar Sagi <srikarsagi at yahoo.com> wrote:


you don't have to do any RE yourself, since there are "Binary Analysis Tools" which takes executable and creates a run-time environment then loads each segment and checks for security vulnerabilities/issues.


--Srikar
0917-66-176-99

--- On Thu, 1/7/10, Soi, Dhruv <dhruv.soi at owasp.org> wrote:


From: Soi, Dhruv <dhruv.soi at owasp.org>
Subject: Re: [Owasp-delhi] Reverse Engineering

To: "'chintan dave'" <davechintan at gmail.com>, owasp-mumbai at lists.owasp.org

Cc: owasp-delhi at lists.owasp.org, owasp-bangalore at lists.owasp.org
Date: Thursday, 1 July, 2010, 12:44 AM


I think its there in the EULA shipped with any software.

-----Original Message-----
From: owasp-delhi-bounces at lists.owasp.org

[mailto:owasp-delhi-bounces at lists.owasp.org] On Behalf Of chintan dave
Sent: 30 June 2010 19:46
To: owasp-mumbai at lists.owasp.org

Cc: owasp-delhi at lists.owasp.org; owasp-bangalore at lists.owasp.org

Subject: [Owasp-delhi] Reverse Engineering

Hi
 Experts,

I need a small help from you.

Is RE legal for security assessments of products purchased from vendors?

There has been a bit of confusion around RE topic.

I know it is illegal to do RE to steal the idea, however this one, I

need feedback from you folks.

If you can share some authoritative resources that could confirm on
the legality/illegality, it would be great.

-- 
Regards,
Chintan Dave,

LinkedIn: http://in.linkedin.com/in/chintandave

Blog:http://www.chintandave.com
_______________________________________________
Owasp-delhi mailing list
Owasp-delhi at lists.owasp.org

https://lists.owasp.org/mailman/listinfo/owasp-delhi

_______________________________________________
Owasp-delhi mailing list

Owasp-delhi at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-delhi





-- 
Regards,
Chintan Dave,

LinkedIn: http://in.linkedin.com/in/chintandave

Blog:http://www.chintandave.com



-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20100701/3a9bbd2e/attachment.html 


More information about the Owasp-delhi mailing list