Just a quick tip for anyone doing a code review of a Java EE web application: LAPSE+ is a very useful tool to have in the arsenal, whether you’ve got the original source or just the JAR/WAR file.
In my case, the client provided me with a single .WAR file which contained the application. As it was a large application, I didn’t really fancy digging through everything manually with JD-GUI, although it is an excellent Java decompiler. I decided to take the opportunity to give LAPSE+ a try.
Here’s what you’ll...
In this series of posts, I’m going to discuss executable analysis: the methods that are used and the mechanisms to prevent them. There are three types of analysis that can be performed on executables:
Static - Analysis of the sample file on disk.
Emulated - Branch and stack analysis of the sample through an emulator.
Live - Analysis of the executing sample on a VM, usually using hooks.
I’m going to look at each type in detail, giving examples of techniques used in each and ways to make analysis...