SecTools E20 With Isaac Evans

Posted on Sunday, Jul 5, 2020

Guests

Isaac Evans

Isaac Evans

Isaac Evans is the leader of r2c (https://r2c.dev/), a small startup working on giving security tools directly to developers. Previously, he conducted research into binary exploitation bypasses for techniques like control-flow integrity and novel hardware defenses on new architectures like RISC-V as a researcher at the US Defense Department under a SFS program and at MIT Lincoln Laboratory. Isaac received his BS/MS degrees in EECS from MIT. Other interests include next-generation programming languages, secure-by-design frameworks, software-defined radio, and the intersection of cryptography and public policy.

Links / teasers:
Simply match function calls
The pattern exec(…) matches exec() called with any arguments or across multiple lines - but not the string “exec” in comments or hard-coded strings, because it’s aware of the code structure.

Match function arguments
requests.get(…, verify=False, …) matches requests.get(url, timeout=3, verify=False)

Supported languages: Python, JavaScript, Golang, Java, more coming.

Hosts

Sanoop Thomas

Sanoop Thomas

Sanoop Thomas (@s4n7h0) is a seasoned security professional with diverse background in consulting, teaching, research and product-based industries with a passion to solve complex security problems. Today, Sanoop works as information security specialist focusing on application security and secure coding. His field of interest includes reverse engineering, malware analysis, application security and automating security pentest/analysis methodologies. He is moderating null open community chapter in Singapore and organised over 60 events and workshops to spread security awareness across country. Sanoop is the author and maintainer of Halcyon IDE project and also create infosec contents and podcasts at InfoSec Campus. He has spoken at multiple international security conferences that includes Nullcon, OWASP India, HITBGSEC, Rootcon, Defcon (Demo Labs) and Blackhat Arsenal (USA and Asia). Sanoop is the organizer for BSides Singapore