Uses program synthesis to deobfuscate VM instruction handlers used by obfuscators such as VMProtect and Themida. Published at USENIX Security 2017.


An AFL-style feedback fuzzer that uses Intel-PT to trace operating systems without access to source code. Published at USENIX Security 2017.

Interval Tree

A very efficient data structure for querying ranges in Rust. Useful for implementing analysis passes on memory/code/firmware dumps.

Loaded Dice

Sample from discrete distributions in O(1). Very useful when building randomized generators and fuzzers in Rust.

A one-day workshop on using SMT solvers and bounded model checkers for reverse engineering and binary analysis.


A human-friendly pwgen based on XKCD 936.


A programmable debugger library for Ruby, based on the Linux ptrace API and /proc/$pid/ interfaces.


Robust semantic hashes for arbitrary x86 functions. Identify functions in very large databases, even when compiled with different options.

Cornelius Aschermann

Fuzzing, Reverse Engineering, Binary Analysis

Security Researcher