Internship | Reverse Engineer - Anti-VM Obfuscation Detector

Internship 6 months

Bordeaux

Published on October 31, 2024

  • Contract

    Internship 6 months

  • Location

    Bordeaux

  • Start date

    As soon as possible

  • Study level

    Master level or equivalent

  • Remote working

    Partial

The esReverse platform allows reverse engineers to perform unique full-system timeless analyses of a system's execution, thereby providing powerful tools to study data flow, hard-to-reproduce use cases, and kernel/application communication mechanisms.

As malware is more present than ever in the cyber world, developing state-of-the-art solutions to analyze and counter it is more important than ever. Using our Time Travel analysis engine is one solution; however, like any system, it has some limitations. Anti-VM / Anti-Emulation techniques may defeat our engine in some scenarios.

The first task is to become familiar with anti-VM techniques and the time travel engine of esReverse. We have emulation engines for various systems, such as Windows, Linux and Android. You may work on one or several of these systems depending on your qualifications and the needs of the team.

Then you will analyze different anti-VM techniques and how they can or can’t defeat our tools. You will characterize the techniques and create detection systems using the Python API of our Time Travel engine.

The objective is to create a series of notebooks (Python scripts in JupyterLab) that automatically detect anti-VM techniques inside a time travel trace.

This work will allow you to consolidate your knowledge of, and discover new aspects of, Windows / Linux systems, as well as reverse engineering and software development.

Directly attached to a member of the R&D team, you will be in charge of the following missions:

  • Identify and/or implement anti-VM detection mechanisms
  • Identify the anti-VM techniques that defeat our emulation engines
  • Analyze the behavior of such mechanisms and how to counter them
  • Create anti-VM detection scripts inside of time travel traces
  • Document your findings using notebooks and produce a blog post to communicate on your results

You’re perfect for us, if…

  • You are already proficient in reverse engineering, which is a passion of yours.
  • You participated in CTFs or other contests and got significant results.
  • Not mandatory, but potentially aligned with the internship duration: you are preparing a master's degree and are in your last year of study.
  • You have developed a particular interest in:
      • Reverse Engineering, Vulnerability analysis or Malware analysis
      • Development with Python
  • You have some good knowledge of Assembly (Intel and/or Arm), C programming, IDA or Ghidra, Debuggers, and other tools.
  • You are hacker-minded, responsive and show initiative.
  • You demonstrate autonomy in your assignments.
  • You demonstrate good interpersonal skills that will allow you to work effectively in a team.
  • You have a good writing level in English.

Benefits

  • Support from professionals in a cutting-edge and booming business sector
  • Dynamic work environment within a young and friendly team
  • High performance work equipment
  • Flexible working hours
  • Space dedicated to talent development
  • “Tickets restaurant” covered up to 50%
  • Annual events, snacks and drinks

Application deadline

As long as the job is online

Job Category

Programming
