Displaying 1 to 7 from 7 results

Triton - Triton is a Dynamic Binary Analysis (DBA) framework


Triton is a dynamic binary analysis (DBA) framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a Taint engine, AST representations of the x86 and the x86-64 instructions set semantics, SMT simplification passes, an SMT Solver Interface and, the last but not least, Python bindings. Based on these components, you are able to build program analysis tools, automate reverse engineering and perform software verification. As Triton is still a young project, please, don't blame us if it is not yet reliable. Open issues or pull requests are always better than troll =).

manticore - Symbolic execution tool


Manticore is a symbolic execution tool for analysis of binaries and smart contracts. Manticore is supported on Linux and requires Python 2.7. Ubuntu 16.04 is strongly recommended. Ethereum smart contract analysis requires the solc program in your $PATH.

mcsema - Framework for lifting x86, amd64, and aarch64 program binaries to LLVM bitcode


McSema is an executable lifter. It translates ("lifts") executable binaries from native machine code to LLVM bitcode. LLVM bitcode is an intermediate representation form of a program that was originally created for the retargetable LLVM compiler, but which is also very useful for performing program analysis methods that would not be possible to perform on an executable binary directly. McSema enables analysts to find and retroactively harden binary programs against security bugs, independently validate vendor source code, and generate application tests with high code coverage. McSema isn’t just for static analysis. The lifted LLVM bitcode can also be fuzzed with libFuzzer, an LLVM-based instrumented fuzzer that would otherwise require the target source code. The lifted bitcode can even be compiled back into a runnable program! This is a procedure known as static binary rewriting, binary translation, or binary recompilation.

PinTools - Pintool example and PoC for dynamic binary analysis


I just decided to centralize my old and next Pin tools about program analysis in this repo. Be careful, these pintool are not reliable. They are here just as PoC and to provide some ideas.




pev - The PE file analysis toolkit


pev is a full-featured, open source, multiplatform command line toolkit to work with PE (Portable Executables) binaries. Please check the online documentation for more details.

hex - Hex viewer


hex is yet another hex viewer. It automatically interprets fields within files using a set of Lua scripts, colorizing them and showing descriptions on the side. At the moment there aren’t that many features and we only have a few decoders.

node-elm-repl - 👌 JavaScript tool, which provides fast access to the types (as structures, not just strings) and values of Elm expressions


Actually the name may confuse you, so I would make it clear from the start, that technically what you see here is TOTALLY NOT the REPL. At least, by itself. It is the replacement for the REPL for those who need to know the evaluated values together with their types in their entirety (not just string-encoded boring types, but a structures defining the type, like... JSON Elm Type AST) for Elm expressions in JavaScript environment. Also, this tool may help you make some REPL... in JavaScript. If these points are applicable to you, but you are still uncertain if you need this, please read The "Modern Binary Reverse Engineering with Node.js for Elm" Article (written by me) which describes in the very details, what is done here and how it works. Another way for you, in this case, is just to use this binary tool which was developed later than this one, and which is driven by Haskell (which is an advantage), so has a compiled binary (which is an advantage) and uses the "core" code to get the type information (which is an advantage), but has no ability to get values (which is whatever) and only has types in their stringified form (which is a disadvantage, but may be implementing it for an author is just a matter of time).