bap
capstone
bap | capstone |
---|---|
3 | 1 |
1,975 | 5,294 |
1.8% | - |
4.5 | 5.3 |
11 days ago | over 2 years ago |
OCaml | C |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bap
- Any standard algorithms for parsing (disassembling) machine code?
  BAP (https://github.com/binaryanalysisplatform/bap), angr (https://angr.io/) and others already do what you're asking for as more purpose-built solutions for dynamic analysis. Angr specifically in Python.
- You need to stop idolizing programming languages.
- Starting ocaml
  I find this pretty good https://www.cs.cornell.edu/courses/cs3110/2019sp/textbook/intro/ocaml.html. Fun projects include compilers (pattern matching and static types are why OCaml is usually selected), binary analysis stuff https://github.com/BinaryAnalysisPlatform/bap, stuff that requires async so you can try out nomadic async stuff, or really anything you desire.
capstone
What are some alternatives?
VMProtect-devirtualization - Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.
Unicorn Engine - Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
pyt - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
radare2 - UNIX-like reverse engineering framework and command-line toolset
angr - A powerful and user-friendly binary analysis platform!
zydis - Fast and lightweight x86/x86-64 disassembler and code generation library
klee - KLEE Symbolic Execution Engine
ret-sync - ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
MobileApp-Pentest-Cheatsheet - The Mobile App Pentest cheat sheet was created to provide a concise collection of high value information on specific mobile application penetration testing topics.
android-inline-hook - ShadowHook is an Android inline hook library which supports thumb, arm32 and arm64.
ocamlformat - Auto-formatter for OCaml code
cv32e40p - CV32E40P is an in-order 4-stage RISC-V RV32IMFCXpulp CPU based on RI5CY from PULP-Platform