One of our users compared vulnerability research to trying to find a needle in the proverbial haystack and shared with us how REVEN makes a huge difference. This inspired us to announce REVEN 2.6.
You can now search for any pattern of bytes on an entire system execution.
Here, the needle is a pattern of bytes, and the haystack is the entire memory across the billions of instructions that a trace can contain. It's a big haystack.
This has many important applications, such as:
- finding the aliases of a pointer in memory,
- finding usages of cryptography by looking for cryptographic constants,
- identifying where/if a file is mapped in memory by looking for its content,
- etc.
o Working from WinDbg
When you are used to a tool like WinDbg, it is always difficult to switch to another tool like REVEN, no matter how good it is. You don't have to! Combine the best of WinDbg and REVEN. We added support for stepping commands and breakpoints.
Take advantage of REVEN tainting, memory history, timeless analysis, API, etc. without giving up WinDbg.
o Fuzzing & Taint slicing
When it comes to analyzing crashes, automatically or not, @richinseattle from http://Fuzzing.io convinced us that taint slicing makes a huge difference in extracting the sub-programs that are relevant (to get the needle). It is now in REVEN!
o Understanding a binary by tracing its calls to external binaries
For several versions, we have regularly added scripts, API entries, and features to make life easier for analysts, whether it is analyzing vulnerabilities, malware, or automating the analysis process.
This version adds an "ltrace"-type tool. For a given binary in the trace, this tool finds all calls to functions of other binaries, with their params and return types. The combination of its results with other REVEN APIs makes it possible to implement very interesting algorithms.
You can follow @tetrane.