Gepetto: AI-powered reverse-engineering
2023-07-04, 16:35–16:55 (Europe/Paris), Amphitheater

AI tools have broken out spectacularly in 2022, offering image generation, video upscaling, text completion, and much more.
The recent release of OpenAI's ChatGPT led researchers to discover that the new language model had unexpected security engineering capabilities. In particular, this talk explores the use of the davinci-003 model to automatically comment decompiled functions and suggest new names for their variables.

This led to the creation of Gepetto, an IDA Pro plugin that extracts information from the tool and submits it into OpenAI's API to speed up the analysis dramatically for the rough equivalent of 1$ per day.

The plugin's code is available here:

See also: slides

An OSCP and OSCE-certified penetration tester and malware analyst working as a Senior Security Researcher in the Global Research and Analysis Team (GReAT) at Kaspersky Lab since 2018. Also delivers Kaspersky’s reverse-engineering trainings in Europe. Ivan maintains an open-source dissection tool for Windows executables and his research was presented during several cybersecurity conferences. As a digital privacy activist, he also operates an exit node of the Tor network.

This speaker also appears in: