DarunGrim is a binary diffing tool. DarunGrim is a free diffing tool which provides binary diffing functionality.
Binary diffing is a powerful technique to reverse-engineer patches released by software vendors like Microsoft. Especially by analyzing security patches you can dig into the details of the vulnerabilities it's fixing. You can use that information to learn what causes software break. Also that information can help you write some protection codes for those specific vulnerabilities. It's also used to write 1-day exploits by malware writers or security researchers.
This binary diffing technique is especially useful for Microsoft binaries. Not like other vendors they are releasing patch regularly and the patched vulnerabilities are relatively concentrated in small areas in the code. That makes the patched part more visible and apparent to the patch analyzers. There is a "eEye Binary Diffing Suites" released back in 2006 and it's widely used by security researchers to identify vulnerabilities. Even though it's free and opensource, it's powerful enough to be used for that vulnerabilities hunting purpose. Now I'm releasing DarunGrim2 which is a C++ port of original python codes. DarunGrim2 is way faster than original DarunGrim.
发表于 2011-1-31 17:22
