csvl / SEMA
SEMA is based on angr, a symbolic execution engine used to extract API calls. In particular, we extend angr with strategies to create representative signatures based on the System Call Dependency Graph (SCDG). These SCDGs can be exploited in machine learning modules for classification and detection.
☆113 · Updated last month
Alternatives and similar repositories for SEMA:
Users that are interested in SEMA are comparing it to the libraries listed below
- Code for the paper "EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis" ☆28 · Updated last year
- ☆14 · Updated 2 years ago
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg… ☆91 · Updated last month
- Hardening code obfuscation against automated attacks ☆131 · Updated last year
- ☆67 · Updated 2 years ago
- Blogpost about optimizing binary-only fuzzing with AFL++ ☆64 · Updated last year
- Damn Vulnerable Kernel Module for kernel fuzzing ☆58 · Updated 5 months ago
- Get information about stripped Rust executables ☆29 · Updated last week
- A Unit-Based Symbolic Execution Method for Detecting Heap Overflow Vulnerability in Executable Codes ☆22 · Updated 2 years ago
- A library for writing plugins in any decompiler: includes API lifting, common data formatting, and GUI abstraction! ☆100 · Updated last week
- ☆101 · Updated 2 years ago
- Dynamic-Static binary instrumentation framework on top of GDB ☆51 · Updated last year
- Dataset of packed PE samples ☆33 · Updated 9 months ago
- ☆11 · Updated 7 months ago
- PowerShell script deobfuscation using AST in Python ☆65 · Updated last year
- ☆59 · Updated 11 months ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets ☆70 · Updated last year
- Scaling best-practice AFLPlusPlus fuzzing campaigns made easy and more ☆62 · Updated last month
- UnpacMe IDA Byte Search ☆28 · Updated last year
- Practical Data-Only Attack Generation ☆39 · Updated 10 months ago
- Writeups for CTF challenges ☆31 · Updated last year
- ☆36 · Updated last year
- A tool for firmware cartography ☆147 · Updated 3 months ago
- ☆31 · Updated 2 years ago
- This repository contains dynamic and static tools for IoT malware analysis ☆21 · Updated 2 years ago
- The SAILR paper's evaluation pipeline for measuring the quality of decompilation ☆109 · Updated 4 months ago
- A command line tool for extracting machine learning ready data from software binaries powered by Radare2 ☆69 · Updated 2 weeks ago
- AutoCorpus is a tool backed by a large language model (LLM) for automatically generating corpus files for fuzzing. ☆70 · Updated 11 months ago
- Leveraging patch diffing to discover new vulnerabilities ☆119 · Updated 5 months ago
- ☆28 · Updated 2 months ago