1 个仓库
Tools that identify security fixes by diffing different versions of a compiled binary to locate vulnerability patches.
Distinct from Missing Patch Detection: Candidates focus on applying patches to containers or auditing missing patches on systems, not analyzing the binary diff to find the fix.
Explore 1 awesome GitHub repository matching security & cryptography · Vulnerability Patch Analyzers. Refine with filters or upvote what's useful.
Diaphora 是一款二进制差异分析工具和相似度引擎,旨在比较编译后的二进制文件并识别已更改或匹配的代码段。它作为逆向工程插件运行,通过汇编分析和图论映射函数之间的关系并检测编译单元。 该项目专注于漏洞补丁分析,允许用户通过比较二进制文件的不同版本来检测安全修复。它在二进制文件之间同步分析元数据(如符号名称和注释),并通过比较反编译的伪代码来生成补丁。 该引擎利用控制流图和启发式匹配来计算函数之间的相似度比率。其更广泛的功能包括映射调用图、识别目标文件边界,以及通过关系数据库管理分析状态,以促进大规模的交叉引用。
Specializes in vulnerability patch analysis by comparing binary versions to detect security fixes.