Jarkko Turkulainen, a Senior Researcher on our Threat Intelligence team, has (today!) publicly released a research tool called Reflash. It’s a proof-of-concept framework for analyzing Adobe Flash files. It produces an SQL database of Flash VM stack traces by injecting dynamically generated instrumentation into Flash files. The SQL database can later be analyzed with various tools.

Jarkko presented the tool at AVAR 2016 and some people have asked about its availability. So… here it is, released as open source under a GPL-v3 license.

In the Reflash repository, there is also a technical research paper for those interested in the internals of the tool.


And Jarkko’s presentation, available here, is helpful for those wanting to set up the tool.


Jarkko presenting at AVAR 2016.

