Karta – Source Code Assisted Fast Binary Matching Plugin For IDA

“Karta” (Russian for “Map”) is an IDA Python plugin that identifies and matches open-sourced libraries in a given binary. The plugin uses a unique technique that enables it to support huge binaries (>200,000 functions), with almost no impact on the overall performance. The matching algorithm is location-driven. This means that its main focus is to…

OverRide – Binary Exploitation And Reverse-Engineering (From Assembly Into C)

Explore disassembly, binary exploitation & reverse-engineering through 10 little challenges. In the folder for each level you will find: flag – password for next level; README.md – how to find password; source.c – the reverse engineered binary; dissasembly_notes.md – notes on asm. See the subject for more details. For more gdb & exploitation fun check…

Sploit – Go Package That Aids In Binary Analysis And Exploitation

Sploit is a Go package that aids in binary analysis and exploitation. The motivating factor behind the development of sploit is to have a well-designed API with functionality that rivals some of the more common Python exploit development frameworks while taking advantage of the Go programming language. Excellent cross-compiler support, goroutines,…

E9Patch – A Powerful Static Binary Rewriting Tool

E9Patch is a powerful static binary rewriting tool for x86_64 Linux ELF binaries. E9Patch is: Scalable: E9Patch can reliably rewrite large/complex binaries including web browsers (>100MB in size). Compatible: The rewritten binary is a drop-in replacement of the original, with no additional dependencies. Fast: E9Patch can rewrite most binaries in a few seconds. Low Overheads:…

Go_Parser – Yet Another Golang Binary Parser For IDAPro

Yet Another Golang Binary Parser For IDAPro. NOTE: This master branch is written in Python2 for IDAPython, and tested only on IDA7.2/IDA7.0. If you use IDAPython with Python3 and a higher version of IDAPro, please use the Python3 Branch for go_parser. Inspired by golang_loader_assist and jeb-golang-analyzer, I wrote a more complete Go binaries parsing tool for…

FLUFFI (Fully Localized Utility For Fuzzing Instantaneously) – A Distributed Evolutionary Binary Fuzzer For Pentesters

FLUFFI – A distributed evolutionary binary fuzzer for pentesters. Bugs found: So far, FLUFFI was almost exclusively used on SIEMENS products and solutions. Bugs found therein will not be published. However, FLUFFI found the following published bugs (please help…

Santa – A Binary Whitelisting/Blacklisting System For macOS

Santa is a binary whitelisting/blacklisting system for macOS. It consists of a kernel extension (or a system extension on macOS 10.15+) that monitors for executions, a userland daemon that makes execution decisions based on the contents of a SQLite database, a GUI agent that notifies the user in case of a block decision and a…

Zelos – A Comprehensive Binary Emulation Platform

Zelos (Zeropoint Emulated Lightweight Operating System) is a Python-based binary emulation platform. One use of zelos is to quickly assess the dynamic behavior of binaries via command-line or Python scripts. All syscalls are emulated to isolate the target binary. Linux x86_64 (32- and 64-bit), ARM and MIPS binaries are supported. Unicorn provides CPU emulation. Full…

ABD – Course Materials For Advanced Binary Deobfuscation

Advanced Binary Deobfuscation: This repository contains the course materials of Advanced Binary Deobfuscation at the Global Cybersecurity Camp (GCC) Tokyo in 2020. Course Abstract: Reverse engineering is not easy, especially if binary code is obfuscated. Once obfuscation is performed, the binary cannot be analyzed accurately with naive techniques alone. In this course, you will learn obfuscation…