zz
angr
Our great sponsors
| zz | angr | |
|---|---|---|
| 10 | 13 | |
| 1,604 | 7,203 | |
| - | 1.8% | |
| 1.9 | 9.7 | |
| almost 2 years ago | 5 days ago | |
| Rust | Python | |
| MIT License | BSD 2-clause "Simplified" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
zz
- A "logical" compiler
-
Is it possible to have a superset of the C programming languages standard that is as safe as Rust?
There is this: https://github.com/zetzit/zz
-
ISO C became unusable for operating systems development
You're right that you can't define a safe subset of C without making it practical. MISRA C defines a C subset intended to help avoid C's footguns, but it still isn't actually a safe language. There are alternative approaches though:
1. Compile a safe language to C (whether a new language or an existing one)
2. Formal analysis of C, or of some practical subset of C, to prove the absence of undefined behaviour
Work has been done on both approaches.
ZZ compiles to C. [0] Dafny can compile to C++, but it seems that's not its primary target. [1][2]
There are several projects on formal analysis of C. [3][4][5][6]
[0] https://github.com/zetzit/zz
[1] https://github.com/dafny-lang/dafny
[2] https://dafny-lang.github.io/dafny/
[3] https://frama-c.com/
[4] https://www.microsoft.com/en-us/research/project/vcc-a-verif...
[5] https://www.eschertech.com/products/ecv.php
[6] https://trust-in-soft.com/
-
Foundations of Dawn: The Untyped Concatenative Calculus
Formal methods have been used successfully for decades; it's not just a pipe dream. Perfect software should ideally be something like ultra-low-defect software, though (that's the term the AdaCore folks use).
There are also other projects that aim to make formal software development much easier [0][1] and of course there's SPARK Ada.
[0] https://github.com/zetzit/zz
[1] https://github.com/dafny-lang/dafny
- ZetZ: A zymbolic verifier and tranzpiler to bare metal C Resources
-
Programming in Z3 by learning to think like a compiler
This post reminds me that I've been wanting to try out ZetZ[0]. It incorporates Z3 into a high-level programming language, and seems to do a lot of what the post talks about automatically.
[0] https://github.com/zetzit/zz
-
Grids in Rust, part 2: const generics
I still want to try the ZZ language (https://github.com/zetzit/zz) someday. It compiles to C, and uses a SMT solver to prove that you don't index out-of-bounds at compile time. But I don't like how it lacks generics, uses C idioms, and compiles to C.
-
Another technique to manage memory
The zz language uses a SMT solver to check for program soundness... I haven't tried it, but that's got to be more flexible and resource-hungry.
-
We are building a new systems programming language
Especially the fact that it outputs C code. So interop is seamless.
https://github.com/zetzit/zz
For any systems language, interop with C is the litmus test.
With that in mind, this new language should not require 15,000 lines of standard library. A type-safe wrapper for libc should be enough...
-
Does such a language already exist ("Rust--")?
You might find ZetZ interesting!
angr
-
30 Years of Decompilation and the Unsolved Structuring Problem: Part 1
That's awesome! That's exactly how modern decompilers deal with a special type of goto occurrence. They reduce gotos (or completely eliminate them) by introducing a `while(true)` loop, followed by corresponding `continue` and `breaks`... we all, of course, know that `while(true)` did not exist in the source, but it's a nice hack!
We even do this in the angr decompiler, found here: https://github.com/angr/angr/blob/8e48d001e18a913ecd4ed2e995...
- Ask not what the compiler can do for you
-
The Full Story of Large Language Models and RLHF
One would hope browser and OS vendors would use AI to remediate vulnerabilities but vast majority of software vendors won't ever use it.
Also, automated vulnerability finding is very much real and already used today. This isn't something that has just become viable via LLMs, but I guess LLMs can enhance it:
https://github.com/angr/angr
-
Synthesizing optimal 8051 code with an SMT solver (2020)
Check out angr [1], a symbolic execution engine, and claripy [2], its frontend to SMT solvers like z3.
[1] https://angr.io
[2] https://api.angr.io/claripy.html
-
Any standard algorithms for parsing (disassembling) machine code?
BAP (https://github.com/binaryanalysisplatform/bap), angr (https://angr.io/) and others already do what you're asking for as more purpose-built solutions for dynamic analysis. Angr specifically in python.
-
Can anyone explain to me how to find main function in elf file?
As /u/hkei noted, it's actually quite difficult to do in general, and usually requires some kind of heuristic. For example, see https://github.com/dyninst/dyninst/blob/v12.1.0/dyninstAPI/src/image.C#L476. Full disclosure, I am a Dyninst developer. There is also the python-based angr that might be more amenable to a one-off solution.
-
We are Legitimate Business Syndicate, DEF CON CTF Organizers 2013-2017, Ask Us Anything
I think there's a lot of promise in automation that's been spun off from the CTF community. Angr and Binary Ninja are both very much spinoffs from contest hacking, and are pretty great for helping a skilled hacker find flaws in software.
-
Awesome Penetration Testing
angr - Platform-agnostic binary analysis framework.
-
Programming in Z3 by learning to think like a compiler
angr uses z3.
https://github.com/angr/angr
Supposedly, the DoD has used angr for some use cases.
-
What's a good technology to introduce to my company?
Try using angr to automate bug finding
What are some alternatives?
TinyGo - Go compiler for small places. Microcontrollers, WebAssembly (WASM/WASI), and command-line tools. Based on LLVM.
qiling - A True Instrumentable Binary Emulation Framework
checkedc - Checked C is an extension to C that lets programmers write C code that is guaranteed by the compiler to be type-safe. The goal is to let people easily make their existing C code type-safe and eliminate entire classes of errors. Checked C does not address use-after-free errors. This repo has a wiki for Checked C, sample code, the specification, and test code.
pwntools - CTF framework and exploit development library
CrossHair - An analysis tool for Python that blurs the line between testing and type systems.
RustScan - π€ The Modern Port Scanner π€
micro-mitten - You might not need your garbage collector
frontier-silicon-firmwares - Frontier silicon internet radio firmware binaries
alive2 - Automatic verification of LLVM optimizations
dafny - Dafny is a verification-aware programming language
bap - Binary Analysis Platform