cbwang505 / DIYDynamoRIO
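The dynamic binary instrumentation framework DynamoRIO builds a bridge between the original program code and the manipulation code by repeatedly instrumenting and executing the program code, which lets DynamoRIO client writers control the original program at a higher level. Although the program is still compiled to and executed as native assembly instructions, DynamoRIO's rich API wraps both the native code and the program's behavioral logic in a sufficiently friendly interface that is exposed to client writers. Users can transparently modify the original program code (HotPatch) and apply execution tracing, hooking, debugging, emulation and other advanced Runtime Code Manipulation techniques. This article mainly analyzes the main flow and implementation principles of DynamoRIO instrumentation, digs into several interesting sections of the source code that show the ingenuity of the author's design, and includes analysis of related demos to help readers deepen…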
☆34 Updated 3 years ago
Alternatives and similar repositories for DIYDynamoRIO
Users that are interested in DIYDynamoRIO are comparing it to the libraries listed below
- Library for Capstone instruction to LLVM IR translation ☆47 Updated 7 years ago
- Static Binary Instrumentation ☆121 Updated 4 years ago
- A collection of kernel papers ☆25 Updated 5 years ago
- This is an IDA plugin to recover class information from C++ binary. ☆19 Updated 5 years ago
- An IDA processor for eBPF bytecode ☆68 Updated 11 months ago
- Toy LLVM obfuscator pass ☆73 Updated 4 years ago
- ☆41 Updated 5 years ago
- IDA plugin: fold decompiled code ☆11 Updated 3 years ago
- a plugin for ida of version 7.2 to help know F5 window codes better ☆54 Updated 6 years ago
- Debug IDAPython in VSCode ☆27 Updated 2 years ago
- Using LLVM Pass to obfuscate program ☆85 Updated 4 years ago
- Symbolic Execution Engine based on Ghidra's PCode ☆84 Updated 2 years ago
- A script that recompiles the vmnote instruction set into the x64 instruction set so that it can be analyzed with IDA. ☆15 Updated 4 years ago
- Intel PT log analyzer With Parallel Processing And Basic Block Offset Caching Support ☆71 Updated last year
- Raw IDA Kernel API for IDAPython ☆34 Updated 3 years ago
- Decode machine code into VEX IR and translate into LLVM IR ☆28 Updated 6 years ago
- angr source code analysis ☆33 Updated 5 years ago
- FingerMatch is IDA plugin for collecting functions, data, types and comments from analysed binaries and fuzzy matching them in another bi… ☆79 Updated 4 years ago
- ☆11 Updated 6 years ago
- linux system call hook framework ☆46 Updated 6 years ago
- ☆43 Updated 3 years ago
- ☆83 Updated 4 years ago
- ☆61 Updated 3 years ago
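- Building on retdec, an open-source decompiler based on the LLVM compiler architecture, the author integrated the klee symbolic execution tool and, by using the Symbolic Execution engine to dynamically emulate the decompiled LLVM IR (intermediate representation) in order to run the original program, instruments all thiscall-type functions of the x86 instruction set on t… ☆220 Updated 3 years ago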
- nanoMIPS IDA plugin ☆68 Updated 4 years ago
- Open source of the paper "Defeating SOTA Deobfuscation Methods" (击败SOTA反混淆方法) ☆18 Updated 3 years ago
- NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis (IEEE S&P '21) ☆108 Updated 4 years ago
- Binary Ninja plugin for forward/backward slicing ☆18 Updated 4 years ago
- A fork of AFL for fuzzing Windows binaries ☆53 Updated 6 years ago
- Repository for storing IDA research materials and documents ☆93 Updated 4 years ago