GeekWire Calendar

Meetups, conferences, startup events, and geeky gatherings in the Pacific Northwest and beyond. Browse for local tech events, or search by date or keyword. Submit your event below for consideration for the GeekWire Calendar. Look for highlights from the GeekWire Calendar each week on GeekWire, and check out GeekWire's own unique series of signature tech events in the Seattle region.

Loading Events

« All Events

  • This event has passed.

SeaJUG: Using Antlr In Cybersecurity

June 20 @ 6:45 pm - 8:30 pm


Another Tool for Language Recognition (Antlr) is a Java-based parser generator. You define your language grammar and out pops a parser! In addition to designing your own languages, Antlr grammars for many existing programming languages are available, including C. Using Antlr and StringTemplate, a templating engine also from the Antlr camp, we can do source-to-source translation of C code automagically. We’ll then combine this C code with an API hooking technology, such as MS Detours. The result is a tool for real-time program behavior monitoring, as used in malware analysis and digital forensics.

Speaker: Stuart Maclean

Stuart Maclean’s day job is all embedded software for ocean instruments, but he also dabbles in building cybersecurity tools using Java. He thinks API hooking systems like Cuckoo Sandbox are way cool. In goes a malicious program and out comes a description of that program’s interaction with the system — files opened, registry keys deleted, network connections made, etc. Yet Cuckoo hooks only a small subset of the vast Windows API. Stuart used Antlr and StringTemplate to auto-generate API hooking routines, so increasing program code coverage. In doing this work, Stuart has learned that there’s only one thing more tortuous that parsing C, and that’s parsing …. come to SeaJUG to find out!


June 20
6:45 pm - 8:30 pm
Event Categories:
, , , ,
Event Tags:
, , , ,


925 4th Ave
Seattle, WA 98104 United States


Nimret Singh Sandhu