OUR SPEAKERS

Share on:
Asset 14icon.png
Asset 39icon.png
Asset 12icon.png

Oryan De Paz is a low-level researcher & developer in Symantec’s Breach Prevention Group. In her daily job, she works on protecting Active Directory by manipulating various internal mechanisms in the operating system.
She is passionate about the internals of Windows, reverse engineering, and solving puzzles, which makes security research her dream job.
In her free time, she likes to bake, travel, spend time with her dog Alice, and is always up for learning new things.

Oryan De Paz

Low-Level Researcher & Developer, Symantec - A Division of Broadcom
Asset 12icon.png
Asset 1TWITTER.png
Hebrew, English
Languages:
Location:
Rishon Lezion, Israel
Can also give an online talk/webinar

MY TALKS

Find Me if You Can! How to Locate a DLL’s Unexported Functions

Security / Privacy

In order to avoid detection by users, operating systems, or AVs, malware often uses unexported functions. Since these functions are internal, one can’t locate them using trivial ways, like WinAPI functions, and attackers are required to think outside of the box in order to find the hidden gems inside the box.
In this talk, I’ll share my journey searching for ways to locate these functions in memory, in runtime, using tools like IDA and IDAPython scripts. I’ll show what worked, what didn’t work, and how I overcame the challenge of compatibility between Windows versions.

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

© 2020 by Women on Stage | Contact@womenonstage.net | Terms of Service | Privacy Policy

Asset 22לבן חדש.png
  • Facebook
  • LinkedIn
  • Twitter
  • YouTube