qiling
ddisasm
Our great sponsors
qiling | ddisasm | |
---|---|---|
10 | 4 | |
4,837 | 619 | |
7.5% | 3.4% | |
6.2 | 9.5 | |
about 1 month ago | 12 days ago | |
Python | C++ | |
GNU General Public License v3.0 only | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
qiling
- Qiling: A True Instrumentable Binary Emulation Framework
-
Unicorn Engine problem with map
Sounds more like r/ReverseEngineering. If what you want to do is some dynamic analysis or just play around, maybe try using qiling, it's built on top of unicorn and is made by the same authors. It will take care of loading the file for you.
- qiling: Qiling Advanced Binary Emulation Framework
- Qiling Advanced Binary Emulation Framework
-
MoonBounce: UEFI Malware
https://github.com/qilingframework/qiling Is probably what you are looking for
- Qiling – Advanced Binary Emulation Framework
-
QilingLab: a series of challenges by Th3Zer0 to train your Qiling skills 💪🏾 -- solve 'em all and share your writeup!
It is s binary emulation framework, which you can use to emulate different binaries for different architectures. On top of that you can use Qiling APIs to debug the emulation process, hook syscalls, etc. It's like Unicorn + Qemu + Frida. More info here: https://github.com/qilingframework/qiling
- How to perform full MIPS system emulation with QEMU, using the squashfs image and uBoot kernel image extracted from a rotuer firmware?
-
PyPANDA: Generic unpacking based on whole-system record and replay with Ghidra integration. Including interview with author of paper and tool Luke Craig.
qiling is built on unicorn directly. qiling focuses on emulating binaries (read: emulating a single program and not an OS). It uses the binary blob work to load binaries and their associated shared objects. It then hooks the OS calls and presents an interface to the program as though it has interacted with an OS. see here
-
Opensource Security Framework Stake Pool
We started this project since 2019 Nov, currently they are around 70+ developers and 2,200++ stars in our Github page (https://github.com/qilingframework/qiling)
ddisasm
-
Starting an open-source re-implementation of an old game
The closest you can get to something like you describe is https://github.com/GrammaTech/ddisasm, but even that won't give you a byte-exact result due to alignment and instruction encoding differences. And it's not perfect, you'll get subtle new bugs. And distributing it is problematic.
-
Is taking the ASM dump from Ida pro after human correction a good way to re-write the software from scratch?
Reassembling is easier but still pretty hard if you want something actually modifiable cause you need to distinguish code and data and find cross-references. There's a research project: https://github.com/GrammaTech/ddisasm
- Program modification via reassembling
-
Hacking a game with DLL injection [Game Hacking 101]
It would be interesting to explore a different path: https://github.com/GrammaTech/ddisasm
What are some alternatives?
angr - A powerful and user-friendly binary analysis platform!
x64dbg - An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
frontier-silicon-firmwares - Frontier silicon internet radio firmware binaries
e9patch - A powerful static binary rewriting tool
panda - Platform for Architecture-Neutral Dynamic Analysis
pharos - Automated static analysis tools for binary programs
drakvuf-sandbox - DRAKVUF Sandbox - automated hypervisor-level malware analysis system
Triton - Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy
e9afl - AFL binary instrumentation
simplify - Android virtual machine and deobfuscator
B2R2 - B2R2 is a collection of useful algorithms, functions, and tools for binary analysis.