BEGIN:VCALENDAR
PRODID:-//vBulletin 6//EN
VERSION:2.0
CALSCALE:GREGORIAN
BEGIN:VEVENT
UID:447fb145-4f9a-40a1-b632-cc71f00aaf23
DTSTAMP:20260524T041602Z
SUMMARY:(Advanced) Reversing with Dynamic Data Resolver (DDR) – Best prac
 tice
DESCRIPTION:Title: (Advanced) Reversing with Dynamic Data Resolver (DDR) 
 – Best practice\n\nDescription:\nDDR is an IDA plugin that instruments b
 inaries using the DynamoRIO framework. In this presentation we will show y
 ou best practices how to reverse engineer malware with DDR. The talk will 
 discuss the internals of DDR and show you by demonstration\, the advantage
 s of the tool.\n\nThe DDR plugin can easily resolve the majority of dynami
 c values for registers and memory locations which are usually missed in a 
 static analysis. It can help to find jump locations such as “call eax”
  or interesting strings such as “PE” which are decoded at runtime. The
  tool can be used to dump interesting buffers\, and gives the opportunity 
 to patch the binary at runtime to bypass anti-analysis techniques.\n\nIn t
 his presentation we will show you best practices for working with this too
 l\, and the many ways in which it can facilitate malware analysis. More de
 tails and features can be found here: https://blog.talosintelligence.com/2
 020/05/dynamic-data-resolver-1-0.html\n\nSpeaker(s): Holger Unterbrink\n\n
 Location: Blue Team Vlg / Blue Team Vlg - Talks Track 1\n\nDiscord: https:
 //discord.com/channels/708208267699945503/732454317658734613\n\nEvent star
 ts: 2020-08-08 09:00 (09:00 AM) PDT (UTC -07:00)\n\nEvent ends: 2020-08-08
  10:00 (10:00 AM) PDT (UTC -07:00)\n\nFor the most up-to-date information\
 , please either visit https://info.defcon.org\, or use HackerTracker\, whi
 ch is available for iOS and Android. This is an automated message\, and th
 is data was last modified 2020-08-06T21:48 (UTC).
URL:https://forum.defcon.org/node/234099
DTSTART:20200808T170000Z
DTEND:20200808T180001Z
LOCATION:Blue Team Vlg / Blue Team Vlg - Talks Track 1
END:VEVENT
END:VCALENDAR