Recent versions of GCC, 4.5+, now have the ability to accept user developed plugins, which can aid in both the processing and analysis of input programs to GCC. This feature provides a subset of the GCC API allowing developers to extend the capabilities of the compiler by writing their own optimization or analysis passes. Such an extension can also provide useful information to those interested in static analysis, as well as providing a great way to learn more about aspects regarding GCC.

This presentation discusses how to get started in writing plugins, and provides several plugins which can be of use to the security community. Namely, two malware obfuscation techniques, pseudo random nop insertion and encrypted read-only string data.