top of page
OUR SPEAKERS
Share on:
Oryan De Paz is a low-level researcher & developer in Symantec’s Breach Prevention Group. In her daily job, she works on protecting Active Directory by manipulating various internal mechanisms in the operating system.
She is passionate about the internals of Windows, reverse engineering, and solving puzzles, which makes security research her dream job.
In her free time, she likes to bake, travel, spend time with her dog Alice, and is always up for learning new things.
Oryan De Paz
Low-Level Researcher & Developer, Symantec - A Division of Broadcom
Hebrew, English
Languages:
Location:
Rishon Lezion, Israel
Can also give an online talk/webinar
Paid only. Contact speaker for pricing!
MY TALKS
Find Me if You Can! How to Locate a DLL’s Unexported Functions
Security / Privacy
In order to avoid detection by users, operating systems, or AVs, malware often uses unexported functions. Since these functions are internal, one can’t locate them using trivial ways, like WinAPI functions, and attackers are required to think outside of the box in order to find the hidden gems inside the box.
In this talk, I’ll share my journey searching for ways to locate these functions in memory, in runtime, using tools like IDA and IDAPython scripts. I’ll show what worked, what didn’t work, and how I overcame the challenge of compatibility between Windows versions.
Find Me if You Can! How to Locate a DLL’s Unexported Functions
Completed
true
Visible
true
Order
5
bottom of page