Building on Ghidra: Tools for Automating Reverse Engineering and Malware Analysis

February 2022 Podcast
Jeff Gennari, Garret Wassermann

Jeffrey Gennari and Garret Wassermann talk with Suzanne Miller about Kaiju, a series of tools that they have developed that allows for malware analysis and reverse engineering. Kaiju helps analysts take better advantage of the NSA's Ghidra framework.

“We set out years ago to try to find new and better ways to automate as much of malware analysis and reverse engineering as we could.”

Abstract

In this SEI Podcast, Jeffrey Gennari and Garret Wassermann talk with Suzanne Miller about Kaiju, a series of tools that they have developed that allows for malware analysis and reverse engineering. Kaiju helps analysts take better advantage of Ghidra, the National Security Agency’s reverse-engineering tool.

About the Speaker

Jeff Gennari

Jeffrey Gennari is a senior member of the technical staff in the CERT Division at the SEI. While at the SEI, Gennari has worked as a malicious-code analyst where he analyzed hundreds of malware samples, served as an expert witness in U.S. federal court in the area of malware analysis, and delivered computer-security and malware-analysis training to information technology professionals in the U.S. government. Before that, he worked as a vulnerability analyst at CERT where he researched software vulnerabilities and was an active participant in CERT’s secure-coding efforts. His current research interests include automated program analysis and reverse engineering as well as architecture-based self-adaptive systems. Gennari is a mentor in the Carnegie Mellon Master of Software Engineering (MSE) program and instructor for the Analysis of Software Artifacts course. Gennari has an MSE degree from Carnegie Mellon and a BS and MS in information science from the University of Pittsburgh.

Garret Wassermann

Garret Wassermann is a vulnerability analyst in the CERT Division at the SEI. His research interests include development of programming-language and static-analysis tools for vulnerability discovery and software system verification. Previously, he taught mathematics, physics, and computer science courses as an adjunct instructor at several universities and tech schools in the Pittsburgh area and New Orleans. Wassermann received MS and BS degrees in both applied mathematics and physics from the University of New Orleans.
