> Side Channel Analysis
Ready-to-use side channel tools to assess cryptography algorithms.
> Laser & EM Fault Injection
Make sure your chip withstands different techniques of physical fault injections.
> Firmware Security Analysis
Qualify embedded code binaries without physical devices and benches.
> Security Failure Analysis
Photoemission analysis to explore internal information in a chip.
> Vulnerability Research
Dynamic analyses at a system level for investigating potential vulnerabilities.
> Data Science Platform
esDynamic is a complete data focused platform to leverage the know-how of your team for complex analyses.
> esFirmware Engine
Assess the security of the firmware of IoT devices against logical and physical attacks.
> REVEN Engine
Record and replay vulnerability researches within reverse engineering processes and tools.
> Cybersecurity Training
Grow your expertise with training modules driven by a coach.
> Mobile App Security
Know the threats and risks of your Mobile App.
Integrate the security protections verification in your CI/CD pipeline.
> Automated Mobile App Security Testing
esChecker SaaS: automating the security testing of your mobile app binary.
> Mobile App Penetration Testing
Testing the resiliency of your Mobile App, SDK or RASP tool.
> Backend Penetration Testing
Testing the resiliency of your Web App, API or Backend Systems.
> Coaching for Mobile App Developers
Providing insights into the mobile app threats and how attackers work by a learning-by-doing approach.
REVEN’s proven technology is unique by its ability to explore an application or a system relying on an operating system, such as Windows or Linux. The unreached record and replay feature provides an inside view of the running system, such as its memory, the CPU states or all I/O over the execution.
Exploring and analyzing such a system becomes then possible using REVEN's unique features such as Data tainting, Memory history, and the ready-to-use modules provide a catalog of techniques to effectively support researchers in their work. It allows reverse engineers to solve complex but high value problems.
REVEN’s takes any 32 or 64 bits applications or drivers binaries on x86 or x64 architectures, running on Linux or Windows or just those native systems. Then the unrivaled record and replay can be simply done by a researcher through the Project Manager feature or integrated in a vulnerability analysis platform integrated with a fuzzer.
The vulnerability research itself can be done using REVEN UI, scripted or just automated allowing vulnerability discovery in any applications or within the OS kernel.
REVEN® was designed to integrate within reverse engineering processes and tools. The service and the analysis can be accessed via API, customized, automated and are integrated in tools such as Wireshark, IDA Pro or WinDbg.
In addition, it captures your team knowledge, increasing the effectiveness of your research and facilitating the ramping up of new team members.
Get to the root cause quickly, assess if a vulnerability is exploitable, bypass complex malware protections, and get full visibility of the kernel as well as multi-process software.
“REVEN is the most amazing piece of software I have ever used for system-level analysis. It provides an unprecedented level of detail of the system execution state. It allows me to perform “time travel” debugging of the entire system (both kernel and user mode) with great ease. Its reverse/forward taint analysis engine is also vulnerability analysis.
It is truly a reverse engineer’s dream tool.”
“Systems are built on layers of complexity which just add new attack surfaces instead of real protection
REVEN gives you the unique ability to quickly dissect the layer of complexity and discover vulnerabilities otherwise easily obscured from public security.”
“It can be very time consuming to determine if a bug is exploitable or not.
This reverse engineering platform allows us to identify the exploitability of the bug quickly.”
"REVEN is the dream technology for anyone who wants to understand what a binary does time-wise. It enables to quicly get around the most complex protection mechanisms like packers, crypto, timers or even multi-stage payload. The time saved is invaluable!
The best way to analyze targeted campaigns."