Uninformed: Informative Information for the Uninformed

Vol 4» 2006.Jun


Introduction

The demand for techniques that improve the analysis of Windows x64 binaries will only increase as the Windows x64 platform becomes more accepted and used in the marketplace. There is a deluge of useful information on code and data flow analysis techniques that are also applicable to the x64 architecture. However, techniques that better annotate and streamline the initial analysis phases, such as identifying functions and describing their stack frames, are still a ripe area for improvement at the time of this writing. For that reason, this paper starts by describing some of the changes that have been made to support Windows x64 binaries. This background information is useful because it serves as a basis for understanding a few basic techniques that may be used to improve some of the initial analysis phases. In the interest of brevity, the term Windows x64 binary is shortened to x64 binary throughout this paper.