Abstract

Kaitai Struct is a new declarative language and a free/open source
toolset to aid "black box" reverse engineering of unknown file
formats, network protocols and basically all other forms of binary
data. The basic idea is simple: a reverse engineer creates a declarative
format spec in the Kaitai Struct language (.ksy), which can be rapidly
checked against target binary files (or network captures) using our
visualization tools. This enables the engineer to bring forth lots of
conjectures and check them quickly, concentrating only on those that
prove to be valid. When the job is done, the .ksy spec can be
compiled to a ready-made parsing library in one of 8 supported target
languages (C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby), or
converted into a human-readable format diagram (powered by GraphViz).

The Kaitai Struct language is pretty powerful: it can be used to describe
fairly complex data structures like file systems, data containers and
media formats, to disassemble bytecode, and to do lots more.

The presentation will cover the origin of the idea, compare various
existing approaches to the file format reversing problem, explain their pros and
cons, and give an introduction to the Kaitai Struct language, showcasing some
reverse engineering techniques using it.
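To make the workflow concrete, here is an added .ksy spec, written for this page and not taken from the talk or from the Kaitai project, describing a constructed toy container format: a fixed magic, a version, an entry count, and a table of named entries that point at their payloads by absolute offset. The format itself, its field names and its magic bytes are assumptions chosen for illustration.

```yaml
meta:
  id: toy_container
  title: Constructed toy container format (illustration only, not a real format)
  endian: le
seq:
  # Fixed header bytes; the generated parser raises an error on mismatch,
  # so a wrong conjecture about the magic shows up immediately.
  - id: magic
    contents: [0x54, 0x4f, 0x59, 0x00]   # "TOY\0"
  - id: version
    type: u2
  # Entry count read from the file itself. The generated parser trusts it
  # and reads exactly that many entries, so when parsing untrusted input
  # a caller should cap it before relying on the result.
  - id: num_entries
    type: u4
  - id: entries
    type: entry
    repeat: expr
    repeat-expr: num_entries
types:
  entry:
    seq:
      - id: name_len
        type: u1
      - id: name
        type: str
        size: name_len
        encoding: ASCII
      # Where the payload lives and how long it is, relative to the file start.
      - id: ofs_body
        type: u4
      - id: len_body
        type: u4
    instances:
      # Lazily read: only evaluated when .body is accessed, using the
      # root stream so the offset is absolute rather than entry-relative.
      body:
        io: _root._io
        pos: ofs_body
        size: len_body
```

Loading this spec in the visualizer against sample files checks the layout conjecture field by field; compiling it with the Kaitai Struct compiler then yields a parser class in any of the target languages listed above.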