Software Engineering Institute | Carnegie Mellon University


Pharos Binary Static Analysis: An Update

  • December 2017
  • By Jeff Gennari
  • Jeff Gennari discusses updates to the Pharos framework, which automates the reverse engineering of binaries for malware analysis, including new tools, improvements, and bug fixes.
  • Malware Analysis
  • Publisher: Software Engineering Institute
  • “We are all about program understanding. We want to make the job of the analysts a little bit easier. In the traditional, manual, reverse engineering, everything was done by hand…. We seek to have this all done in the automated way. Save as much time as possible and get as much up front information out of a piece of software to give to an analyst so they can go ahead and get higher-level insights.”
  • Related

    SEI Blog Post: Pharos Binary Static Analysis Tools Released on GitHub

  • Abstract

    Pharos was created by the SEI CERT Division to automate the reverse engineering of binaries, with a focus on malicious code analysis. Pharos, which was recently released on GitHub, builds upon the ROSE compiler infrastructure developed by Lawrence Livermore National Laboratory for disassembly, control flow analysis, instruction semantics, and more. In this podcast, the SEI CERT Division’s Jeff Gennari discusses updates to the Pharos framework, including new tools, improvements, and bug fixes.

About the Speaker

  • Jeff Gennari

    Jeff Gennari is a Senior Member of the Technical Staff in the CERT program at Carnegie Mellon University’s Software Engineering Institute (SEI). While at the SEI, Mr. Gennari has worked as a malicious code analyst, where he analyzed hundreds of malware samples, served as an expert witness in U.S. federal court in the area of malware analysis, and delivered computer security and malware analysis training to information technology professionals in the U.S. government. Prior to that, Mr. Gennari worked as a vulnerability analyst at CERT, where he researched software vulnerabilities and was an active participant in CERT’s secure coding efforts. Current research interests include automated program analysis and reverse engineering as well as architecture-based self-adaptive systems. Mr. Gennari is a mentor in the Masters of Software Engineering program and instructor for the Analysis of Software Artifacts course. Mr. Gennari has a Masters of Software Engineering from Carnegie Mellon University and a BS and MS in Information Science from the University of Pittsburgh.