Chip & System Security Testing 
Mobile & Backend Security Testing 
Our Company 
Blog
Contact us
eShard
/
esreven

esReven, Reverse Engineering by eShard

Our engine allows Timeless dynamic analysis for Vulnerability and Malware Analysis to empower your experts for getting ahead of security analyses.
Trial esReven
Download our brochure

Getting into the unknown with effectiveness

When facing a new target for vulnerability research or an unknown markware, reverse engineering capabilities are central for these analyses. Analysts must combine years of expertise with the best reverse engineering tools to solve the puzzle they face.

Different sets of tools exist, each focusing on different aspects of the problem. All tools and techniques must be combined together since any piece of information counts. However, while static tools turn out to be quite numerous and mature, the scope of dynamic tools may appear more limited and is often limited to debuggers. In addition, those tools don’t provide any solution to capture the path followed by the expert, to empower new hires with the team’s accumulated expertise and to reduce the complexity required to solve the deepest problems.

esReven engine

eShard has built a solution, esReven, combining a unique technology with a knowledge center. It empowers organizations and their analysts to develop and aggregate more expertise while pushing the boundaries of reverse engineering.

With our unique technology for dynamic analyses, named Full System Timeless Analysis, get visibility of a full system execution (CPU, Memory, Hardware Events, network activities, …) during a slice of time combined with the most advanced techniques to analyze any event occurring in that period.

Full System Timeless Analysis

Simultaneously examine and monitor all your systems, applications, and processes: Getting beyond the usual application level enables analyzing Windows and Linux kernel vulnerabilities, getting into applications that span multiple processes and use interprocess communications. The full system is a requirement when applying advanced algorithms like data tainting.

The Timeless Analysis provides a full system analysis environment with the ability to move at any point of time of its execution, backward or forward, in a click. Identify points of interest, follow the trail crossing processes or kernel boundaries, apply advanced techniques and algorithms. Combined with the full system visibility, getting to root causes becomes possible even for the most complex problems.

How does the timeless analysis work?

With esReven, record the runtime execution you are interested in. It captures the full system and get all corresponding internal data at any point of time. This can be achieved via a dedicated GUI, but also via API that you can call from a Jupyter Lab notebook. Why? Simply because you may be willing to seal your analysis in time and make sure that you or another person can understand the logic of your analysis and replay it.

The esReven record is central to the knowledge building process because it creates a permanent repository of use cases to maintain and spread expertise among team members. On the contrary, other tools, such as debuggers, do not have a lasting effect on the organization.

Key uses-cases:

  • Vulnerability research, including patch analysis, automated fuzzing results triage
  • Advanced system or application analysis
  • Bespoke Malware analysis

Knowledge Center: Reconciling know and how in Reverse engineering

How to go beyond a tool? Vulnerability or malware analysis is a matter of expertise. Expertise is more than tool capabilities. It is also about reconciling knowledge and tools. Our philosophy is to empower an expert team with a know-how platform.

By leveraging Jupyterlab notebooks, it is possible to build internal knowledge by calling the tool via API or built-in widgets. It becomes possible to retain or share your expertise. Ramp-up new experts and de-risk people movement. Collaboration becomes effective

eShard developed high value notebook libraries benefiting from years of R&D in dynamic analyses and good practices. This is a source of technical material, ready to use and easily applicable to your specific use case.

Key features

Full System Analysis

esReven captures a time slice of a full system execution to provide the total visibility of the system under analysis.

Timeless Analysis

Move forwards and backwards through the recorded process.

Data Tainting

Follow the data and highlight connections that are otherwise very hard to discover with other reverse engineering tools.

API

The analysis features are available through APIs and are combined to build powerful analysis techniques.

Testimonials & Success Stories

Open-IC.png

esReven is the most amazing piece of software I have ever used for system-level analysis. It provides an unprecedented level of detail of the system execution state. It allows me to perform “time travel” debugging of the entire system (both kernel and user mode) with great ease. Its reverse/forward taint analysis engine is also vulnerability analysis.

It is truly a reverse engineer’s dream tool.”

end-reven-1.png

Open-IC.png

“Systems are built on layers of complexity which just add new attack surfaces instead of real protection

esReven gives you the unique ability to quickly dissect the layer of complexity and discover vulnerabilities otherwise easily obscured from public security.”

end-reven-2.png

Open-IC.png

“It can be very time consuming to determine if a bug is exploitable or not.

This reverse engineering platform allows us to identify the exploitability of the bug quickly.”

end-reven-3.png

Open-IC.png

"esReven is the dream technology for anyone who wants to understand what a binary does time-wise. It enables to quicly get around the most complex protection mechanisms like packers, crypto, timers or even multi-stage payload. The time saved is invaluable!

The best way to analyze targeted campaigns."

end-reven-4.png

CopyRights eShard 2023.
All rights reserved
Privacy policy | Legal Notice
SECURITY TESTING SOLUTIONS
Side Channel AnalysisLaser & EM Fault InjectionFirmware Security AnalysisSecurity Failure AnalysisVulnerability ResearchMAST: Mobile Application Security Testing