6 repositories
Programmable platforms for automated binary analysis and symbolic execution.
Explore 6 awesome GitHub repositories matching part of an awesome list · Binary Analysis Frameworks.
Angr is a binary analysis framework and static analysis tool used for reverse engineering compiled binaries. It serves as a binary decompiler and a lifting platform that translates machine code into a common intermediate representation to enable cross-architecture analysis. The framework integrates a symbolic execution engine and constraint solvers to determine the inputs required to reach specific program states. It also employs untrusted code sandboxing to isolate guest code from the host environment during analysis. Its capabilities cover control flow and data flow analysis, including the
Platform-agnostic binary analysis framework.
capa is a binary capability scanner that identifies high-level behaviors and actions an executable can perform, such as network communication or file manipulation. It functions as a malware behavior analysis tool and a MITRE ATT&CK mapping framework, scanning PE, ELF, .NET, and shellcode files through both static analysis and dynamic sandbox report processing. The tool distinguishes itself through a YAML-based detection rule engine that defines detection logic in human-readable files, with conditions expressed as feature combinations and logical operators. It integrates with IDA Pro, Ghidra,
Identify capabilities in PE, ELF or .NET executable files.
LIEF is a framework for parsing, modifying, and analyzing executable binary formats and system shared caches across multiple platforms. It serves as a cross-platform library for the programmatic manipulation of ELF, PE, and MachO binary files. The project provides tools for altering the internal structure and sections of executable files to change program behavior. It also includes a dedicated parser for recovering individual dynamic libraries from combined system shared caches. The toolkit covers binary executable analysis, machine code disassembly, and the extraction of debug metadata and symbol information. It also supports bidirectional translation between machine code and assembly across several processor architectures.
Instrument, parse, and rebuild PE, ELF, Mach-O, and DEX formats.
Triton is a dynamic binary analysis framework designed to automate reverse engineering. It functions as a multi-architecture CPU emulator, an SMT-based symbolic execution engine, and a dynamic taint analysis tool. The framework translates raw machine instructions into abstract syntax trees, allowing it to represent binary program logic as a structured intermediate representation. This allows the system to map multiple hardware instruction sets to a single analysis framework and translate machine instructions into mathematical formulas for solving constraints. Its capabilities cover the simul
Dynamic binary analysis library.
Platform for Architecture-Neutral Dynamic Analysis
Platform for architecture-neutral dynamic analysis.
Binary Analysis Platform
A framework for binary analysis and program verification.