In-Vehicle System Module Information Security Testing Tool → Cybellum V-Ray
Cybellum V-Ray™
An automated vulnerability detection platform that provides complete component visibility and risk assessment. By utilizing automated reverse engineering to scan program firmware and mimicking hacker attack methodologies, V-Ray efficiently detects security vulnerabilities and threats. Following an automated scan that requires no source code, V-Ray clearly displays the security risks of all integrated components. This enables development teams to accurately assess component risks, remediate vulnerabilities in a timely manner, and release products securely.
An automated vulnerability detection platform that provides complete component visibility and risk assessment. By utilizing automated reverse engineering to scan program firmware and mimicking hacker attack methodologies, V-Ray efficiently detects security vulnerabilities and threats. Following an automated scan that requires no source code, V-Ray clearly displays the security risks of all integrated components. This enables development teams to accurately assess component risks, remediate vulnerabilities in a timely manner, and release products securely.
Cybellum’s security solution acts as a “Swiss Army Knife” for vulnerability detection. Composed of cutting-edge offensive and defensive security technologies, it continuously searches for and validates the latest global security threats.
Our Core Vulnerability Detection Algorithm: Machine Learning
Our primary algorithm for detecting vulnerabilities is based on state-of-the-art machine learning technology, operating in two phases:
Our primary algorithm for detecting vulnerabilities is based on state-of-the-art machine learning technology, operating in two phases:
1. Learning Phase
During the learning process, we download thousands of publicly classified vulnerability databases and synthesize millions of confidential vulnerability records. From these, we extract all possible parameters for each vulnerability type (e.g., stack call method names, different parameter types, etc.). The machine learns from these diverse samples to comprehensively understand the probability of occurrence for each vulnerability category and the associated testing methods. After this extensive training, the system develops a methodology to rapidly generate information on “fragility points”—locations within a binary file with a high probability of containing vulnerabilities—when given any binary file.
During the learning process, we download thousands of publicly classified vulnerability databases and synthesize millions of confidential vulnerability records. From these, we extract all possible parameters for each vulnerability type (e.g., stack call method names, different parameter types, etc.). The machine learns from these diverse samples to comprehensively understand the probability of occurrence for each vulnerability category and the associated testing methods. After this extensive training, the system develops a methodology to rapidly generate information on “fragility points”—locations within a binary file with a high probability of containing vulnerabilities—when given any binary file.
2. Operational Phase
This technology consists of two main components: Static and Dynamic analysis.
This technology consists of two main components: Static and Dynamic analysis.
- Static Analysis: Statically traverses packaged binary files and performs disassembly to identify categories of publicly known vulnerabilities, program fragility points, build issues, and more. Through continuous detection and algorithmic learning, it ultimately generates a table of vulnerable information.
- Dynamic Analysis: Executes the binary file within a highly customized execution environment (similar to a “sandbox”). The goal is to monitor triggered program vulnerabilities in real-time with high accuracy, issue immediate alerts, and generate assessment reports.
Product Technology
Based on fragility point analysis and including methods such as stress testing, every newly discovered vulnerability or newly disclosed public threat is fed back into the machine learning process to continuously improve the algorithm.
Based on fragility point analysis and including methods such as stress testing, every newly discovered vulnerability or newly disclosed public threat is fed back into the machine learning process to continuously improve the algorithm.
Detectable Vulnerability Types Include:
Publicly Exploitable Vulnerabilities
- Vulnerabilities from multiple public and proprietary databases
- National Vulnerability Database (NVD)
- GitHub Issue Trackers
- Open-source project bug trackers
Memory Corruption
- Buffer Overflows (Heap/Stack)
- Buffer Reads (Heap/Stack)
- Invalid Page Faults
- Deadlocks
- Integer Overflows
- Null Pointer Dereferences
- Uninitialized Data
- Double Free
- Use-After-Free
- Out-of-Bounds Memory Access
- Division by Zero
- Type Confusion
Security Misconfigurations
- Address Space Layout Randomization (ASLR)
- Stack Smashing Protector (SSP)
- Non-Executable Space Protection (NX)
- Relocation Table Protection (RELRO)
- Stack Canary Protection
- SAFESEH
- Data Execution Prevention (DEP)
- Control Flow Guard (CFG)
- Symbol Stripping
- Hardening Sources
Dangerous Security Practices
- Best Practice Coding Errors
- Error Handling Issues
- Information Leakage:
- Hardcoded Credentials
- Plaintext Passwords
- Hashed Passwords
- Exposure of Emails, IPs, URLs, File Paths
- Encryption Issues:
- Accessible Encryption Keys
- Unencrypted Communications
- Exposed Private Encryption Keys
- Violations of Security Best Practices
- Dangerous/Deprecated Functions
License Type Detection
- Apache License 2.0
- BSD 3-Clause “New” or “Revised” License
- BSD 2-Clause “Simplified” or “FreeBSD” License
- GNU General Public License (GPL)
- GNU Library or “Lesser” General Public License (LGPL)
- MIT License
- Mozilla Public License 2.0
- Common Development and Distribution License (CDDL)
- Eclipse Public License (EPL)
Supported Platforms
- Linux
- Android
- QNX
- Windows
- NetBSD
- FreeBSD
- Proprietary RTOS (Real-Time Operating Systems)
Supported Architectures
- x86
- x64
- ARM7, ARM9, ARM11
- MIPS
- PowerPC
- SuperH
- TriCore
About Cybellum
Cybellum was founded by professionals from the elite cyber units of the Israel Defense Forces (IDF). Composed of experts in both offensive and defensive security, the team leverages its extensive military experience to tackle the most challenging aspects of vulnerability detection.
Cybellum was founded by professionals from the elite cyber units of the Israel Defense Forces (IDF). Composed of experts in both offensive and defensive security, the team leverages its extensive military experience to tackle the most challenging aspects of vulnerability detection.