Jeff Gennari

Software Engineering Institute

Jeff Gennari is a Senior Member of the Technical Staff in the CERT program at Carnegie Mellon University’s Software Engineering Institute (SEI). While at the SEI Mr. Gennari has worked as a malicious code analyst where he analyzed hundreds of malware samples, served as an expert witness in U.S. federal court in the area of malware analysis, and delivered computer security and malware analysis training to information technology professionals in the U.S. government. Prior to that Mr. Gennari worked as a vulnerability analyst at CERT where he researched software vulnerabilities and was an active participant in CERT’s secure coding efforts. Current research interests include automated program analysis and reverse engineering as well as architecture-based self-adaptive systems. Mr. Gennari is a mentor in the Masters of Software Engineering program and instructor for the Analysis of Software Artifacts course. Mr. Gennari has a Masters of Software Engineering from Carnegie Mellon University and a BS and MS in Information Science from the University of Pittsburgh.

Publications by Jeff Gennari

Building on Ghidra: Tools for Automating Reverse Engineering and Malware Analysis

February 10, 2022 • Podcast

Jeff Gennari Garret Wassermann

Jeffrey Gennari and Garret Wassermann talk with Suzanne Miller about Kaiju, a series of tools that they have developed that allows for malware analysis and reverse engineering. Kaiju helps analysts take better advantage of the NSA's Ghidra framework.
learn more
Advancing Cyber Operator Tradecraft Through Automated Static Binary Analysis

December 15, 2020 • Video

Cory Cohen Edward J. Schwartz Jeff Gennari

This presentation discusses three SEI research and development projects that help malware and vulnerability analysts.
watch
Reverse Engineering Object-Oriented Code with Ghidra and New Pharos Tools

February 06, 2020 • Podcast

Jeff Gennari Cory Cohen

Jeff Gennari and Cory Cohen discuss updates to the Pharos Binary Analysis Framework in GitHub, including a new plug-in to import OOAnalyzer analysis into the NSA's recently released Ghidra software reverse engineering tool suite.
learn more
Using Logic Programming to Recover C++ Classes and Methods from Compiled Executables

October 15, 2018 • Article

Edward J. Schwartz Cory Cohen Michael Duggan

This article describes OOAnalyzer, a system that statically recovers detailed C++ abstractions from executables in a scalable manner.
read
Pharos Binary Static Analysis: An Update

December 12, 2017 • Podcast

Jeff Gennari

Jeff Gennari discusses updates to the Pharos framework, which automates reverse engineering of malware analysis, including new tools, improvements, and bug fixes.
learn more
SEI Cyber Minute: Automated Reverse Engineering with Pharos

November 28, 2017 • Video

Jeff Gennari

Reverse engineering is a challenging and time consuming process that traditionally requires skilled and experienced analysts. The Pharos framework includes a number of utilities and tools to automate common reverse engineering tasks.
watch
Property Directed Test-case Generation

October 18, 2016 • Poster

Jeff Gennari

Property Directed Test-case Generation
read
Recovering C++ Objects From Binaries Using Inter-Procedural Data-Flow Analysis

October 28, 2014 • Article

Wesley Jin Cory Cohen Jeff Gennari

In this article, the authors present a static approach that uses symbolic execution and inter-procedural data flow analysis to discover object instances, data members, and methods of a common class.
read
Building a Malware Analysis Capability

July 12, 2011 • Podcast

Jeff Gennari Julia H. Allen

In this podcast, Jeff Gennari explains that analyzing malware is essential to assessing the damage and reducing the impact associated with ongoing infection.
learn more
Ranged Integers for the C Programming Language

September 01, 2007 • Technical Note

Jeff Gennari Shaun Hedrick Fred Long

In this 2007 report, the authors describe an extension to the C programming language to introduce the notion of ranged integers.
read