Reverse Engineering and Control Flow Analysis with Intel Processor Trace

Abstract

Intel Processor Trace (Intel PT) offers a powerful tool for capturing detailed control flow information of software running on Intel CPUs. This presentation explores how Intel PT, combined with Linux’s perf tool can be leveraged for dynamic control flow analysis and reverse engineering. Attendees will learn about Intel PT’s architecture and configuration, techniques for collecting and interpreting trace data using perf, and practical applications in analyzing software behavior, detecting anomalies, and uncovering vulnerabilities in combination with common reverse engineering tools. Real-world case studies and demonstrations will showcase the effectiveness of Intel PT and perf in enhancing software security.

Hagen Paul Pfeifer

Hagen Paul Pfeifer serves as the Chief Software Strategist at Rohde & Schwarz, where he plays a pivotal role in shaping the software strategy and driving technological innovation. With extensive experience in low-level programming, system architecture, embedded systems and cybersecurity, Hagen specializes in leveraging advanced tools and techniques to dissect and understand complex software behaviors.

Throughout his career, Hagen has made contributions to both the Linux kernel and the Internet Engineering Task Force (IETF). He has worked on multiple Linux subsystems, including networking and performance analysis, and has authored several Internet-Drafts within the IETF, focusing on routing and TCP performance enhancements.

Hagen holds a degree in Computer Science and continuously engages in research to stay at the forefront of technology. He can be reached at hagen@jauu.net for inquiries and collaborations.

For more details, you can refer to his GitHub profile.