
Triton - Triton is a Dynamic Binary Analysis (DBA) framework

  •    C++

Triton is a dynamic binary analysis (DBA) framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a Taint engine, AST representations of the x86 and x86-64 instruction set semantics, SMT simplification passes, an SMT Solver Interface and, last but not least, Python bindings. Based on these components, you are able to build program analysis tools, automate reverse engineering and perform software verification. As Triton is still a young project, please don't blame us if it is not yet reliable. Open issues or pull requests are always better than trolling =).

manticore - Symbolic execution tool

  •    Python

Manticore is a symbolic execution tool for analysis of binaries and smart contracts. Manticore is supported on Linux and requires Python 2.7. Ubuntu 16.04 is strongly recommended. Ethereum smart contract analysis requires the solc program in your $PATH.

medusa - An open source interactive disassembler

  •    C++

Medusa is a disassembler designed to be both modular and interactive. It runs on Windows and Linux; it should be the same on OSX. This project is organized as a library. To disassemble a file you have to use medusa_text or qMedusa. Medusa requires the following libraries: boost >= 1.55 (system, filesystem, thread, date_time), OGDF (git required), and Qt5 >= 5.2 for the GUI. You also need CMake for compilation and a C++11 compiler (VS2015 update 2 on Windows). Git is optional but allows cloning remote repositories for specific features; see Compilation/Options.

klee - KLEE Symbolic Execution Engine

  •    C++

The core symbolic virtual machine engine; this is responsible for executing LLVM bitcode modules with support for symbolic values. It comprises the code in lib/. A POSIX/Linux emulation layer oriented towards supporting uClibc, with additional support for making parts of the operating system environment symbolic.

CrossHair - An analysis tool for Python that blurs the line between testing and type systems.

  •    Python

An analysis tool for Python that blurs the line between testing and type systems. THE LATEST NEWS: Check out the new crosshair cover command which finds inputs to get you code coverage.

symbolic-execution - History of symbolic execution (as well as SAT/SMT solving, fuzzing, and taint data tracking)

There is also a temporary timeline of some tools not displayed in the diagrams above. ⚠️ The PNG preview could be outdated. See symbolic-execution.svg for the latest version.

Tigress_protection - Playing with the Tigress binary protection

  •    LLVM

Tigress is a diversifying virtualizer/obfuscator for the C language that supports many novel defenses against both static and dynamic reverse engineering and de-virtualization attacks. In particular, Tigress protects against static de-virtualization by generating virtual instruction sets of arbitrary complexity and diversity, by producing interpreters with multiple types of instruction dispatch, and by inserting code for anti-alias analysis. Tigress protects against dynamic de-virtualization by merging the real code with bogus functions, by inserting implicit flow, and by creating slowly-executing reentrant interpreters. Tigress implements its own version of code packing through the use of runtime code generation. Finally, Tigress' dynamic transformation provides a generalized form of continuous runtime code modification. If you want more information, you can check out our solve-vm.py script.


  •    Batchfile

The goal of our project is to build a tool that can automatically analyze Peripheral Interrupts for ARM embedded systems. The Econotag is an open source and exceptionally simple example of an embedded system, which makes it easier for us to test our approach.

etheno - Simplify Ethereum security analysis and testing

  •    Python

Etheno is the Ethereum testing Swiss Army knife. It’s a JSON RPC multiplexer, analysis tool wrapper, and test integration tool. It eliminates the complexity of setting up analysis tools like Manticore and Echidna on large, multi-contract projects. In particular, custom Manticore analysis scripts require less code, are simpler to write, and integrate with Truffle. If you are a smart contract developer, you should use Etheno to test your contracts. If you are an Ethereum client developer, you should use Etheno to perform differential testing on your implementation. For example, Etheno is capable of automatically reproducing the Constantinople gas usage consensus bug that caused a fork on Ropsten.

sys - Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code

  •    LLVM

Alternatively, you can use the Dockerfile from Ralf-Philipp Weinmann. This will run a more-or-less full version of our test suite, along with regression tests for every bug that we list in the paper. The suite takes a little over two minutes on a laptop with 64GB of RAM and 8 threads. All tests with one exception---a bug whose source we're having trouble tracking down---should pass. If anything else fails, try re-running the tests; the solver may have timed out (this hasn't happened on our machines, but since we can't give you a login for anonymity, it's a possibility that it will happen on your machine).
