SlideShare a Scribd company logo

Static analysis for beginners

Antonio Costa aka Cooler_
Antonio Costa aka Cooler_

Understand how to write your static analysis tool from the scratch.

Software
1 of 41
Download to read offline
Static Analysis for beginners How you can find dragons
whoamy ● Just another Programmer ● Security Engineer ● Ten years experience ● About me: Github.com/CoolerVoid Twitter: @Cooler_freenode Contact: coolerlair@gmail.com
Etymology
Etymology ● theguardian.com/technology/2011/oct/13/dennis-ritchie ● economist.com/obituary/2011/11/05/dennis-ritchie-and-john- mccarthy
Linux/Git creation ● Version control ● Manual Codereview ● New tools for static analysis in Kernel or drivers to make auto patch etc...
The root of study
The root of study ● The Dragon Book ● Flex ● Bison ● AST ● Trees ● Tokenizer
Security focus ● Find Pitfalls ● Fix each point ● Mitigate ● Sometimes its hard… ● Education ???
Security focus ● Find Pitfalls ● Fix each point ● Mitigate ● Sometimes its hard… ● Education ???
Security focus ● Find Pitfalls ● Fix each point ● Mitigate ● Sometimes its hard… ● Education ???
Security focus ● Mitre ● OWASP ● Other resources… ● Owasp.org ● cve.mitre.org
File system Pitfalls ● File system problems ● Call Open() but not call close() ● Load config file, but don’t have lock… ● Don’t check permissions to open file ● Don’t check existence of file ● Race condition (TOCTOU) ● Mistake in permissions
Pitfall example 1 ● File system problems ● Call Open() but not call close() ● Load config file, but don’t have lock… ● Don’t check permissions to open file ● Don’t check existence of file ● Race condition (TOCTOU) ● Mistake in permissions
Pitfall example 1 ● This code example is noncompliant because the file opened by the call to fopen() is not closed before function func() returns:
Pitfall example 1 ● This code example is right way, because open and close file:
Detection ● Do you remember the dragon book ? ● You can use DFA(Deterministic Finite Automaton) to solve this with rank points. ● You can tokenize each word and save in nodes, you can load data structure and walk to collect each rule, the data structure you can use Tree, AST, graph(this is common but more complex). ● You can use Flex+Bison to generate input extractor and parser… ● You can use regex(regular expression), but don’t have a good performance! Its not better path! ● Relax here! have other paths to following…
Detection ● Do you remember the dragon book ? ● You can use DFA(Deterministic Finite Automaton) to solve this with rank points. ● You can tokenize each word ans save in nodes, you can load data structure and walk to collect each rule, the data structure you can use Tree, AST, graph(this is common but more complex). ● You can use Flex+Bison to generate input extractor and parse rules… ● You can use regex(regular expression), but don’t have a good performance! Its not better path! ● Relax here! have other paths to following…
Detection Ex 1 ● Its OK my choice is use Re2c to solve the problem! ● Re2c is a free and open-source lexer generator for C, C++ and Go. It compiles regular expressions to determinisitic finite automata and encodes the automata in the form of a program in the target language. ● The main advantages of re2c are speed of the generated code and a flexible user interface that allows one to adapt the generated lexer to a particular environment and input model. ● Re2c supports fast and lightweight submatch extraction with either POSIX or leftmost greedy semantics.
Detection Ex 1 ● github.com/CoolerVoid/heap_detective/tree/master/doc/PoC1 ● doc/PoC1/rule.c ● Rule to generate ● Need Re2c tool ● Need GCC
Detection Ex 1 ● github.com/CoolerVoid/heap_detective/tree/master/doc/PoC1 ● doc/PoC1/gen_re2.c ● Rule to generate ● Need Re2c tool ● Need GCC
Detection Ex 1 ● github.com/CoolerVoid/heap_detective/tree/master/doc/PoC1
Detection Ex 1 ● github.com/CoolerVoid/heap_detective/tree/master/doc/PoC1/extest.c
Detection Ex 1 ● github.com/CoolerVoid/heap_detective/tree/master/doc/PoC1/test.sh ● Note need re2c and gcc! (apt-get install re2c gcc)
Detection Ex 1 The logic its simple !
Detection Ex 1 ● github.com/CoolerVoid/heap_detective/tree/master/doc/PoC1/test.sh ● Note need re2c and gcc! (apt-get install re2c gcc)
Detection ● Do you remember the dragon book ? ● You can use DFA(Deterministic Finite Automaton) to solve this with rank points. ● You can tokenize each word ans save in nodes, you can load data structure and walk to collect each rule, the data structure you can use Tree, AST, graph(this is common but more complex). ● You can use Flex+Bison to generate input extractor and parse rules… ● You can use regex(regular expression), but don’t have a good performance! Its not better path! ● Relax here! have other paths to following…
● Do you remember the dragon book ? ● You can use DFA(Deterministic Finite Automaton) to solve this with rank points. ● You can tokenize each word ans save in nodes, you can load data structure and walk to collect each rule, the data structure you can use Tree, AST, graph(this is common but more complex). ● You can use Flex+Bison to generate input extractor and parse rules… ● You can use regex(regular expression), but don’t have a good performance! Its not better path! ● Relax here! have other paths to following… Detection
Heap detective ● All languages uses heap memory ● In C its commom when you use functions like malloc(), calloc(), realloc(), strdup() etc… ● In C++ its common when you use “new”. ● Heap use can have a lot pitfalls if you not follow good practices. ● Memory leak, double free, use after free, wild pointer, heap overflow, crash(DoS) other pitfalls… ● Some languages like Java have garbage collector to clean the heap memory to manage this, but if programmer don’t know good practices the problem with memory leak or crash can be found.
Heap detective ● How you can map heap memory use ?
Heap detective ● How you can map heap memory usage in static analysis ? ● Use my Tool heap detective ● https://github.com/CoolerVoid/heap_detective
Heap detective ● How you can map heap memory use ? ● List the functions that use heap memory ● List functions to liberate heap
Overview
Heap detective ●
Heap detective ●
Heap detective
Heap detective
Cool stuff ● My Tree library in C ● Ice n-ary tree based on glib tree functions ● https://github.com/CoolerVoid/icenarytree
Other projects ● Code walk, code search, regex with rule based… ● github.com/CoolerVoid/codewarrior ● github.com/CoolerVoid/codecat ● https://semgrep.dev (very cool)
Questions ?
Thank you! Credits: CoolerVoid Contact: coolerlair@gmail.com

Recommended

WAF protections and bypass resources
WAF protections and bypass resourcesWAF protections and bypass resources
WAF protections and bypass resourcesAntonio Costa aka Cooler_
 
Understand study
Understand studyUnderstand study
Understand studyAntonio Costa aka Cooler_
 
0d1n
0d1n0d1n
0d1nAntonio Costa aka Cooler_
 
Raptor web application firewall
Raptor web application firewallRaptor web application firewall
Raptor web application firewallAntonio Costa aka Cooler_
 
Dynamic PHP web-application analysis
Dynamic PHP web-application analysisDynamic PHP web-application analysis
Dynamic PHP web-application analysisax330d
 
What Goes In Must Come Out: Egress-Assess and Data Exfiltration
What Goes In Must Come Out: Egress-Assess and Data ExfiltrationWhat Goes In Must Come Out: Egress-Assess and Data Exfiltration
What Goes In Must Come Out: Egress-Assess and Data ExfiltrationCTruncer
 
The Veil-Framework
The Veil-FrameworkThe Veil-Framework
The Veil-FrameworkVeilFramework
 
The Supporting Role of Antivirus Evasion while Persisting
The Supporting Role of Antivirus Evasion while PersistingThe Supporting Role of Antivirus Evasion while Persisting
The Supporting Role of Antivirus Evasion while PersistingCTruncer
 

Recommended

WAF protections and bypass resources
WAF protections and bypass resourcesWAF protections and bypass resources
WAF protections and bypass resourcesAntonio Costa aka Cooler_
 
Understand study
Understand studyUnderstand study
Understand studyAntonio Costa aka Cooler_
 
0d1n
0d1n0d1n
0d1nAntonio Costa aka Cooler_
 
Raptor web application firewall
Raptor web application firewallRaptor web application firewall
Raptor web application firewallAntonio Costa aka Cooler_
 
Dynamic PHP web-application analysis
Dynamic PHP web-application analysisDynamic PHP web-application analysis
Dynamic PHP web-application analysisax330d
 
What Goes In Must Come Out: Egress-Assess and Data Exfiltration
What Goes In Must Come Out: Egress-Assess and Data ExfiltrationWhat Goes In Must Come Out: Egress-Assess and Data Exfiltration
What Goes In Must Come Out: Egress-Assess and Data ExfiltrationCTruncer
 
The Veil-Framework
The Veil-FrameworkThe Veil-Framework
The Veil-FrameworkVeilFramework
 
The Supporting Role of Antivirus Evasion while Persisting
The Supporting Role of Antivirus Evasion while PersistingThe Supporting Role of Antivirus Evasion while Persisting
The Supporting Role of Antivirus Evasion while PersistingCTruncer
 
Механизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET CoreМеханизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET CorePositive Development User Group
 
RIPS - static code analyzer for vulnerabilities in PHP
RIPS - static code analyzer for vulnerabilities in PHPRIPS - static code analyzer for vulnerabilities in PHP
RIPS - static code analyzer for vulnerabilities in PHPSorina Chirilă
 
Anatomy of PHP Shells
Anatomy of PHP ShellsAnatomy of PHP Shells
Anatomy of PHP ShellsVedran Krivokuca
 
Firmware Extraction & Fuzzing - Jatan Raval
Firmware Extraction & Fuzzing - Jatan RavalFirmware Extraction & Fuzzing - Jatan Raval
Firmware Extraction & Fuzzing - Jatan RavalNSConclave
 
Pentester++
Pentester++Pentester++
Pentester++CTruncer
 
Low latency Logging (BrightonPHP - 18th Nov 2013)
Low latency Logging (BrightonPHP - 18th Nov 2013)Low latency Logging (BrightonPHP - 18th Nov 2013)
Low latency Logging (BrightonPHP - 18th Nov 2013)James Titcumb
 
Hacking - Breaking Into It
Hacking - Breaking Into ItHacking - Breaking Into It
Hacking - Breaking Into ItCTruncer
 
Frida Android run time hooking - Bhargav Gajera & Vitthal Shinde
Frida Android run time hooking - Bhargav Gajera & Vitthal ShindeFrida Android run time hooking - Bhargav Gajera & Vitthal Shinde
Frida Android run time hooking - Bhargav Gajera & Vitthal ShindeNSConclave
 
JS Fest 2019. Ryan Dahl. Deno, a new way to JavaScript
JS Fest 2019. Ryan Dahl. Deno, a new way to JavaScriptJS Fest 2019. Ryan Dahl. Deno, a new way to JavaScript
JS Fest 2019. Ryan Dahl. Deno, a new way to JavaScriptJSFestUA
 
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawTakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawEC-Council
 
Who’s afraid of WinDbg
Who’s afraid of WinDbgWho’s afraid of WinDbg
Who’s afraid of WinDbgDror Helper
 
Higher Level Malware
Higher Level MalwareHigher Level Malware
Higher Level MalwareCTruncer
 
Introduction to Binary Exploitation
Introduction to Binary Exploitation Introduction to Binary Exploitation
Introduction to Binary Exploitation Cysinfo Cyber Security Community
 
Debugging tricks you wish you knew - Tamir Dresher
Debugging tricks you wish you knew - Tamir DresherDebugging tricks you wish you knew - Tamir Dresher
Debugging tricks you wish you knew - Tamir DresherTamir Dresher
 
Porting your favourite cmdline tool to Android
Porting your favourite cmdline tool to AndroidPorting your favourite cmdline tool to Android
Porting your favourite cmdline tool to AndroidVlatko Kosturjak
 
The Art of AV Evasion - Or Lack Thereof
The Art of AV Evasion - Or Lack ThereofThe Art of AV Evasion - Or Lack Thereof
The Art of AV Evasion - Or Lack ThereofCTruncer
 
Wonderful world of (distributed) SCM or VCS
Wonderful world of (distributed) SCM or VCSWonderful world of (distributed) SCM or VCS
Wonderful world of (distributed) SCM or VCSVlatko Kosturjak
 
Bringing Down the House - How One Python Script Ruled Over AntiVirus
Bringing Down the House - How One Python Script Ruled Over AntiVirusBringing Down the House - How One Python Script Ruled Over AntiVirus
Bringing Down the House - How One Python Script Ruled Over AntiVirusCTruncer
 
Ripping web accessible .git files
Ripping web accessible .git filesRipping web accessible .git files
Ripping web accessible .git filesVlatko Kosturjak
 
Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Stephan Chenette
 
Ruxmon.2013-08.-.CodeBro!
Ruxmon.2013-08.-.CodeBro!Ruxmon.2013-08.-.CodeBro!
Ruxmon.2013-08.-.CodeBro!Christophe Alladoum
 
HelsinkiJS - Clojurescript for Javascript Developers
HelsinkiJS - Clojurescript for Javascript DevelopersHelsinkiJS - Clojurescript for Javascript Developers
HelsinkiJS - Clojurescript for Javascript DevelopersJuho Teperi
 

More Related Content

What's hot

Механизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET CoreМеханизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET CorePositive Development User Group
 
RIPS - static code analyzer for vulnerabilities in PHP
RIPS - static code analyzer for vulnerabilities in PHPRIPS - static code analyzer for vulnerabilities in PHP
RIPS - static code analyzer for vulnerabilities in PHPSorina Chirilă
 
Firmware Extraction & Fuzzing - Jatan Raval
Firmware Extraction & Fuzzing - Jatan RavalFirmware Extraction & Fuzzing - Jatan Raval
Firmware Extraction & Fuzzing - Jatan RavalNSConclave
 
Pentester++
Pentester++Pentester++
Pentester++CTruncer
 
Low latency Logging (BrightonPHP - 18th Nov 2013)
Low latency Logging (BrightonPHP - 18th Nov 2013)Low latency Logging (BrightonPHP - 18th Nov 2013)
Low latency Logging (BrightonPHP - 18th Nov 2013)James Titcumb
 
Hacking - Breaking Into It
Hacking - Breaking Into ItHacking - Breaking Into It
Hacking - Breaking Into ItCTruncer
 
Frida Android run time hooking - Bhargav Gajera & Vitthal Shinde
Frida Android run time hooking - Bhargav Gajera & Vitthal ShindeFrida Android run time hooking - Bhargav Gajera & Vitthal Shinde
Frida Android run time hooking - Bhargav Gajera & Vitthal ShindeNSConclave
 
JS Fest 2019. Ryan Dahl. Deno, a new way to JavaScript
JS Fest 2019. Ryan Dahl. Deno, a new way to JavaScriptJS Fest 2019. Ryan Dahl. Deno, a new way to JavaScript
JS Fest 2019. Ryan Dahl. Deno, a new way to JavaScriptJSFestUA
 
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawTakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawEC-Council
 
Who’s afraid of WinDbg
Who’s afraid of WinDbgWho’s afraid of WinDbg
Who’s afraid of WinDbgDror Helper
 
Higher Level Malware
Higher Level MalwareHigher Level Malware
Higher Level MalwareCTruncer
 
Debugging tricks you wish you knew - Tamir Dresher
Debugging tricks you wish you knew - Tamir DresherDebugging tricks you wish you knew - Tamir Dresher
Debugging tricks you wish you knew - Tamir DresherTamir Dresher
 
Porting your favourite cmdline tool to Android
Porting your favourite cmdline tool to AndroidPorting your favourite cmdline tool to Android
Porting your favourite cmdline tool to AndroidVlatko Kosturjak
 
The Art of AV Evasion - Or Lack Thereof
The Art of AV Evasion - Or Lack ThereofThe Art of AV Evasion - Or Lack Thereof
The Art of AV Evasion - Or Lack ThereofCTruncer
 
Wonderful world of (distributed) SCM or VCS
Wonderful world of (distributed) SCM or VCSWonderful world of (distributed) SCM or VCS
Wonderful world of (distributed) SCM or VCSVlatko Kosturjak
 
Bringing Down the House - How One Python Script Ruled Over AntiVirus
Bringing Down the House - How One Python Script Ruled Over AntiVirusBringing Down the House - How One Python Script Ruled Over AntiVirus
Bringing Down the House - How One Python Script Ruled Over AntiVirusCTruncer
 
Ripping web accessible .git files
Ripping web accessible .git filesRipping web accessible .git files
Ripping web accessible .git filesVlatko Kosturjak
 
Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Stephan Chenette
 

What's hot (20)

Механизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET CoreМеханизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET Core
 
RIPS - static code analyzer for vulnerabilities in PHP
RIPS - static code analyzer for vulnerabilities in PHPRIPS - static code analyzer for vulnerabilities in PHP
RIPS - static code analyzer for vulnerabilities in PHP
 
Anatomy of PHP Shells
Anatomy of PHP ShellsAnatomy of PHP Shells
Anatomy of PHP Shells
 
Firmware Extraction & Fuzzing - Jatan Raval
Firmware Extraction & Fuzzing - Jatan RavalFirmware Extraction & Fuzzing - Jatan Raval
Firmware Extraction & Fuzzing - Jatan Raval
 
Pentester++
Pentester++Pentester++
Pentester++
 
Low latency Logging (BrightonPHP - 18th Nov 2013)
Low latency Logging (BrightonPHP - 18th Nov 2013)Low latency Logging (BrightonPHP - 18th Nov 2013)
Low latency Logging (BrightonPHP - 18th Nov 2013)
 
Hacking - Breaking Into It
Hacking - Breaking Into ItHacking - Breaking Into It
Hacking - Breaking Into It
 
Frida Android run time hooking - Bhargav Gajera & Vitthal Shinde
Frida Android run time hooking - Bhargav Gajera & Vitthal ShindeFrida Android run time hooking - Bhargav Gajera & Vitthal Shinde
Frida Android run time hooking - Bhargav Gajera & Vitthal Shinde
 
JS Fest 2019. Ryan Dahl. Deno, a new way to JavaScript
JS Fest 2019. Ryan Dahl. Deno, a new way to JavaScriptJS Fest 2019. Ryan Dahl. Deno, a new way to JavaScript
JS Fest 2019. Ryan Dahl. Deno, a new way to JavaScript
 
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawTakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
 
Who’s afraid of WinDbg
Who’s afraid of WinDbgWho’s afraid of WinDbg
Who’s afraid of WinDbg
 
Higher Level Malware
Higher Level MalwareHigher Level Malware
Higher Level Malware
 
Introduction to Binary Exploitation
Introduction to Binary Exploitation Introduction to Binary Exploitation
Introduction to Binary Exploitation
 
Debugging tricks you wish you knew - Tamir Dresher
Debugging tricks you wish you knew - Tamir DresherDebugging tricks you wish you knew - Tamir Dresher
Debugging tricks you wish you knew - Tamir Dresher
 
Porting your favourite cmdline tool to Android
Porting your favourite cmdline tool to AndroidPorting your favourite cmdline tool to Android
Porting your favourite cmdline tool to Android
 
The Art of AV Evasion - Or Lack Thereof
The Art of AV Evasion - Or Lack ThereofThe Art of AV Evasion - Or Lack Thereof
The Art of AV Evasion - Or Lack Thereof
 
Wonderful world of (distributed) SCM or VCS
Wonderful world of (distributed) SCM or VCSWonderful world of (distributed) SCM or VCS
Wonderful world of (distributed) SCM or VCS
 
Bringing Down the House - How One Python Script Ruled Over AntiVirus
Bringing Down the House - How One Python Script Ruled Over AntiVirusBringing Down the House - How One Python Script Ruled Over AntiVirus
Bringing Down the House - How One Python Script Ruled Over AntiVirus
 
Ripping web accessible .git files
Ripping web accessible .git filesRipping web accessible .git files
Ripping web accessible .git files
 
Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007
 

Similar to Static analysis for beginners

HelsinkiJS - Clojurescript for Javascript Developers
HelsinkiJS - Clojurescript for Javascript DevelopersHelsinkiJS - Clojurescript for Javascript Developers
HelsinkiJS - Clojurescript for Javascript DevelopersJuho Teperi
 
Dart the Better JavaScript
Dart the Better JavaScriptDart the Better JavaScript
Dart the Better JavaScriptJorg Janke
 
Number of Computer Languages = 3
Number of Computer Languages = 3Number of Computer Languages = 3
Number of Computer Languages = 3Ram Sekhar
 
The Good, the Bad and the Ugly things to do with android
The Good, the Bad and the Ugly things to do with androidThe Good, the Bad and the Ugly things to do with android
The Good, the Bad and the Ugly things to do with androidStanojko Markovik
 
Stripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe
 
Tips and Tricks for Increased Development Efficiency
Tips and Tricks for Increased Development EfficiencyTips and Tricks for Increased Development Efficiency
Tips and Tricks for Increased Development EfficiencyOlivier Bourgeois
 
Why go ?
Why go ?Why go ?
Why go ?Mailjet
 
Not Your Fathers C - C Application Development In 2016
Not Your Fathers C - C Application Development In 2016Not Your Fathers C - C Application Development In 2016
Not Your Fathers C - C Application Development In 2016maiktoepfer
 
Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Jérôme Petazzoni
 
Bsdtw17: george neville neil: realities of dtrace on free-bsd
Bsdtw17: george neville neil: realities of dtrace on free-bsdBsdtw17: george neville neil: realities of dtrace on free-bsd
Bsdtw17: george neville neil: realities of dtrace on free-bsdScott Tsai
 
Performance optimization techniques for Java code
Performance optimization techniques for Java codePerformance optimization techniques for Java code
Performance optimization techniques for Java codeAttila Balazs
 
Dart the better Javascript 2015
Dart the better Javascript 2015Dart the better Javascript 2015
Dart the better Javascript 2015Jorg Janke
 
Ruby, the language of devops
Ruby, the language of devopsRuby, the language of devops
Ruby, the language of devopsRob Kinyon
 
Power Leveling your TypeScript
Power Leveling your TypeScriptPower Leveling your TypeScript
Power Leveling your TypeScriptOffirmo
 
Why Functional Programming and Clojure - LightningTalk
Why Functional Programming and Clojure - LightningTalkWhy Functional Programming and Clojure - LightningTalk
Why Functional Programming and Clojure - LightningTalkJakub Holy
 
OS X Drivers Reverse Engineering
OS X Drivers Reverse EngineeringOS X Drivers Reverse Engineering
OS X Drivers Reverse EngineeringPositive Hack Days
 
Practical SystemTAP basics: Perl memory profiling
Practical SystemTAP basics: Perl memory profilingPractical SystemTAP basics: Perl memory profiling
Practical SystemTAP basics: Perl memory profilingLubomir Rintel
 

Similar to Static analysis for beginners (20)

Ruxmon.2013-08.-.CodeBro!
Ruxmon.2013-08.-.CodeBro!Ruxmon.2013-08.-.CodeBro!
Ruxmon.2013-08.-.CodeBro!
 
HelsinkiJS - Clojurescript for Javascript Developers
HelsinkiJS - Clojurescript for Javascript DevelopersHelsinkiJS - Clojurescript for Javascript Developers
HelsinkiJS - Clojurescript for Javascript Developers
 
Dart the Better JavaScript
Dart the Better JavaScriptDart the Better JavaScript
Dart the Better JavaScript
 
Number of Computer Languages = 3
Number of Computer Languages = 3Number of Computer Languages = 3
Number of Computer Languages = 3
 
The Good, the Bad and the Ugly things to do with android
The Good, the Bad and the Ugly things to do with androidThe Good, the Bad and the Ugly things to do with android
The Good, the Bad and the Ugly things to do with android
 
Stripe CTF3 wrap-up
Stripe CTF3 wrap-upStripe CTF3 wrap-up
Stripe CTF3 wrap-up
 
Tips and Tricks for Increased Development Efficiency
Tips and Tricks for Increased Development EfficiencyTips and Tricks for Increased Development Efficiency
Tips and Tricks for Increased Development Efficiency
 
Why go ?
Why go ?Why go ?
Why go ?
 
Cloud accounting software uk
Cloud accounting software ukCloud accounting software uk
Cloud accounting software uk
 
Not Your Fathers C - C Application Development In 2016
Not Your Fathers C - C Application Development In 2016Not Your Fathers C - C Application Development In 2016
Not Your Fathers C - C Application Development In 2016
 
Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?
 
Bsdtw17: george neville neil: realities of dtrace on free-bsd
Bsdtw17: george neville neil: realities of dtrace on free-bsdBsdtw17: george neville neil: realities of dtrace on free-bsd
Bsdtw17: george neville neil: realities of dtrace on free-bsd
 
NANO266 - Lecture 9 - Tools of the Modeling Trade
NANO266 - Lecture 9 - Tools of the Modeling TradeNANO266 - Lecture 9 - Tools of the Modeling Trade
NANO266 - Lecture 9 - Tools of the Modeling Trade
 
Performance optimization techniques for Java code
Performance optimization techniques for Java codePerformance optimization techniques for Java code
Performance optimization techniques for Java code
 
Dart the better Javascript 2015
Dart the better Javascript 2015Dart the better Javascript 2015
Dart the better Javascript 2015
 
Ruby, the language of devops
Ruby, the language of devopsRuby, the language of devops
Ruby, the language of devops
 
Power Leveling your TypeScript
Power Leveling your TypeScriptPower Leveling your TypeScript
Power Leveling your TypeScript
 
Why Functional Programming and Clojure - LightningTalk
Why Functional Programming and Clojure - LightningTalkWhy Functional Programming and Clojure - LightningTalk
Why Functional Programming and Clojure - LightningTalk
 
OS X Drivers Reverse Engineering
OS X Drivers Reverse EngineeringOS X Drivers Reverse Engineering
OS X Drivers Reverse Engineering
 
Practical SystemTAP basics: Perl memory profiling
Practical SystemTAP basics: Perl memory profilingPractical SystemTAP basics: Perl memory profiling
Practical SystemTAP basics: Perl memory profiling
 

More from Antonio Costa aka Cooler_

More from Antonio Costa aka Cooler_ (10)

Strange security mitigations
Strange security mitigationsStrange security mitigations
Strange security mitigations
 
Improving spam detection with automaton
Improving spam detection with automatonImproving spam detection with automaton
Improving spam detection with automaton
 
Burlando Waf 2.0
Burlando Waf 2.0Burlando Waf 2.0
Burlando Waf 2.0
 
burlando um WAF
burlando um WAFburlando um WAF
burlando um WAF
 
Development pitfalls
Development pitfallsDevelopment pitfalls
Development pitfalls
 
0d1n bsides2
0d1n bsides20d1n bsides2
0d1n bsides2
 
Vivendo de hacking
Vivendo de hackingVivendo de hacking
Vivendo de hacking
 
Bsides odin
Bsides odinBsides odin
Bsides odin
 
Bsides4cooler
Bsides4coolerBsides4cooler
Bsides4cooler
 
detector de ladrão com laser
detector de ladrão com laserdetector de ladrão com laser
detector de ladrão com laser
 

Recently uploaded

Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...SelfMade bd
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfonteinmasabamasaba
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesVictorSzoltysek
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park masabamasaba
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfayushiqss
 
SHRMPro HRMS Software Solutions Presentation
SHRMPro HRMS Software Solutions PresentationSHRMPro HRMS Software Solutions Presentation
SHRMPro HRMS Software Solutions PresentationShrmpro
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionOnePlan Solutions
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
%+27788225528 love spells in Vancouver Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Vancouver Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Vancouver Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Vancouver Psychic Readings, Attraction spells,Br...masabamasaba
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park masabamasaba
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrainmasabamasaba
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareJim McKeeth
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplatePresentation.STUDIO
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfonteinmasabamasaba
 

Recently uploaded (20)

Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
 
SHRMPro HRMS Software Solutions Presentation
SHRMPro HRMS Software Solutions PresentationSHRMPro HRMS Software Solutions Presentation
SHRMPro HRMS Software Solutions Presentation
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
%+27788225528 love spells in Vancouver Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Vancouver Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Vancouver Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Vancouver Psychic Readings, Attraction spells,Br...
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 

Static analysis for beginners