Available demos

VLC exploit

Through this tutorial you will get an introduction to REVEN, and go through most of its features, including backward data tainting. You will see how to use them to analyze an exploit (whether user...

UAF in IE script engine

We will have a look at the proof of concept for CVE-2018-8653. We will not focus on the vulnerability itself. Instead we will show how REVEN can help analyze the memory management mechanisms that...

Formbook

Formbook is a 32-bit form-grabber and stealer malware. You will learn how to analyze customly encrypted network communications in REVEN, on a real world scenario featuring an execution trace of a...

Tokio chat

This demo is only about the taint and its usage through the API! A simple chat in Rust. This demo consists in using the taint engine to track data across 2 clients and a server, thanks to REVEN's...

Uroburos

This scenario is a 50 seconds record of the Uroburos dropper, executed from the desktop on a Windows 7 x64 SP1. This trace is currently provided without tutorial as a way to experiment by yourself...

BlueKeep

BlueKeep (CVE-2019-0708) is a security vulnerability that was discovered in Microsoft’s Remote Desktop Protocol, which allows remote code execution. With the help of the blog post and tutorial,...

Windows boot from UEFI

Explore the last stages of an OVMF UEFI firmware handing off to the Windows 10 RS5 boot loader and kernel. You will get a glimpse of the information you can obtain with REVEN - where the earliest...

PE parser crash

CVE-2019-1347 is a vulnerability disclosed in October 2019 by Mateusz @j00ru Jurczyk in the Windows relocation mechanism when parsing a PE file. The demo focuses on the beginning of the article...