Intro

During my OSED exam preparation I have been learning about the WinDbg Python/JS APIs, IDA's IDC language and some general concepts of Windows binary analysis. None of these topics are required for the OSED exam, but I have found them helpful on many occasions, especially for daily job needs. I will update this post to keep track of the history of this blog series, so check back here from time to time.

Objective

The objective of the series is to speed up the vulnerability triaging task during the OSED exam by applying binary analysis concepts with PyKD and IDA's IDC language. The final materials will be uploaded to the osed-binary-analysis-scripts repo.

Requirements

I will assume you already know how to use WinDbg and IDA.

Posts

  1. PE file format & WinDbg JS API
  2. Binary analysis with IDA’s IDC language - the abandoned, for good reasons
  3. Introduction to PyKD
  4. IDCzone plugin
  5. Code Tracing with PyKD (part 1)
  6. Code Tracing with PyKD (part 2)
  7. Conclusions