Qiling Framework (https://qiling.io) is a sandbox emulator framework with a rich set of Python API to enable highly customizable analysis tools built on top. Using emulator technology inside, our engine can run the executable binary in a cross-platform-architecture way, so we can analyze Windows PE files on Linux Arm64, IoT firmware based on Mips on MacOS, and so on.
In this lab, we will be walking through the installation Qiling Framework, fundamentals and how to use Qiling Framework. We will also discuss how to build fuzzers based on 1day bugs. Eventually, how we can dig deeper on both the fuzzer and the 1day bug and possible chances to locate an 0day.
Bo Wen, SUN
Bo Wen SUN is the team members Dubhe CTF team. His research topic mainly focuses on automated binary analysis. In year 2018, he got 1st runners up for HITBGSEC, 2nd runners up for HITB Beijing.
Tong Yu is a team member of Dubhe CTF team. His research topic mainly focuses on automated binary analysis. He was a speaker at the HITB conference and Defcon Group 010.
Tian Zhe, DING
Tian Zhe Ding is currently a master student. His research topic mainly focuses on binary analysis. He is also the leader of the Dubhe CTF team. In year 2018, he leads Dubhe achieve 1st runners up for HITB Singapore, 2nd runners up for HITB Beijing.