A Radare2 based Python module for Binary Analysis and Reverse Engineering.

Related tags

Security related resourcespythondevelopmentbinaryreverse-engineeringmalware-analysisbinary-analysisradare2r2pipe
Overview

Zepu1chr3


A Radare2 based Python module for Binary Analysis and Reverse Engineering.

Installation

  • You can simply run this command.
pip3 install zepu1chr3

How to Use

Specifying a target binary

  • Description: You can specify any binary file to analysis you want. It returns a handler for target file.
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")

Getting symbols from target binary

  • Description: This method will give you what symbols are inside of the target file. It returns an array of symbol information.
import zepu1chr3

zep = zepu1chr3.Binary()
target zep.File("WannaCry.exe")
symbols = zep.GetSymbols(target)

image

Getting imports from target binary

  • Description: This method will give you what imports are inside of the target file. It returns an array of import information.
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")
imports = zep.GetImports(target)

image

Getting functions from target binary

  • Description: This method will give you what functions are inside of the target file. It returns an array of function information.
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")
functions = zep.GetFunctions(target)

image

Getting sections from target binary

  • Description: This method will give you what sections are inside of the target file. It returns an array of section information.
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")
sections = zep.GetSections(target)

image

Disassembling functions or somethings contained in offsets

Getting informations about only machine code

  • Description: This method will give you disassembled function codes if only_codes parameter set to True
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")
disas = zep.DisassembleFunction(target, given_function="entry0", only_codes=True)
second = zep.DisassembleFunction(target, given_function="0x401000", only_codes=True) # You can use offsets to!!

image

Getting every information about machine code (verbose!!)

  • Description: If you set only_codes parameter as False you will get more verbose output.
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")
disas = zep.DisassembleFunction(target, given_function="entry0", only_codes=False)

image

Other functionalities are coming soon!!

You might also like...
Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary.

Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n

midas 20 Dec 24, 2022
IDA2Obj is a tool to implement SBI (Static Binary Instrumentation).
IDA2Obj is a tool to implement SBI (Static Binary Instrumentation).

IDA2Obj IDA2Obj is a tool to implement SBI (Static Binary Instrumentation). The working flow is simple: Dump object files (COFF) directly from one exe

Mickey 94 Dec 13, 2022
neo Tool is great one in binary exploitation topic
neo Tool is great one in binary exploitation topic

neo Tool is great one in binary exploitation topic. instead of doing several missions by many tools and windows, you can now automate this in one tool in one session.. Enjoy it

Hamza Elansari 4 Oct 10, 2022
A blind SQL injection script that uses binary search aka bisection method to dump datas from database.

Blind SQL Injection I wrote this script to solve PortSwigger Web Security Academy's particular Blind SQL injection with conditional responses lab. Bec

Şefik Efe 2 Oct 29, 2022
Patching - Interactive Binary Patching for IDA Pro
Patching - Interactive Binary Patching for IDA Pro

Patching - Interactive Binary Patching for IDA Pro Overview Patching assembly code to change the behavior of an existing program is not uncommon in ma

null 589 Dec 30, 2022
DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.

DLLirant DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary. Live Demo How to install You need to install Visual Stud

null 314 Dec 30, 2022
Malware-analysis-writeups - Some of my Malware Analysis writeups

About This repo contains some malware analysis writeups i've created over time m

Itay Migdal 14 Jun 22, 2022
WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user.

WinRemoteEnum WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user, sharing the goal of remotely gather

Simon 9 Nov 9, 2022
A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask.

PWInput A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask. Installatio

Al Sweigart 26 Sep 4, 2022
Owner
Mehmet Ali KERİMOĞLU
Programmer & Security Researcher & Malware Enthusiast
Mehmet Ali KERİMOĞLU
GitHub Repository
This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to the attack classes defined and curated malapi.io.

F2Amapper This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to

Ajit Kumar 3 Sep 03, 2022
Buffer Overflow para SLmail5.5 32 bits

SLmail5.5-Exploit-BoF Buffer Overflow para SLmail5.5 32 bits con un par de utilidades para que puedas hacer el tuyo REQUISITOS PARA QUE FUNCIONE: Desa

Luis Javier 15 Jul 30, 2022
Python Password Generator

This is a console-based version of a password generator written with Python. The program generates a password based on numbers of letters, numbers, and symbols specified by the user. This is a simple

p.katekomol 1 Jan 24, 2022
Js File Scanner This is Js File Scanner

Js File Scanner This is Js File Scanner . Which are scan in js file and find juicy information Toke,Password Etc.

122 Dec 12, 2022
SQLi Google Dork Scanner (new version)

XGDork² - ViraX Google Dork Scanner SQLi Google Dork Scanner by ViraX @ 2021 for Python 2.7 - compatible Android(NoRoot) - Termux A simple 'naive' pyt

8 Dec 20, 2022
Show apps recorded storage files by jailbreak

0x101 Show registered storage files of apps by jailbreak Legal disclaimer: Usage of insTof for attacking targets without prior mutual consent is illeg

0x 4 Oct 24, 2022
Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more.

Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. BLOG COMING SOON Code and README.md this time around are

96 Dec 14, 2022
SpiderFoot automates OSINT collection so that you can focus on analysis.

SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of m

Steve Micallef 9k Jan 08, 2023
FBGen is simple facebook user based wordlist generator using Username/ID and cookie.

FBGen is simple facebook user based wordlist generator using Username/ID and cookie.

2 Jul 20, 2022
Ducky Script is the payload language of Hak5 gear.

Ducky Script is the payload language of Hak5 gear. Since its introduction with the USB Rubber Ducky in 2010, Ducky Script has grown in capability while maintaining simplicity. Aided by Bash for logic

Abir Abedin Khan 6 Oct 07, 2022
STATS305C: Applied Statistics III (Spring, 2022)

STATS305C: Applied Statistics III Instructor: Scott Linderman TA: Matt MacKay, James Yang Term: Spring 2022 Stanford University Course Description: Pr

Scott Linderman 14 Aug 11, 2022
Springboot directory scanning

Springboot directory scanning

WINEZERO 87 Dec 28, 2022
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

BhavKaran 1.5k Dec 28, 2022
Fat-Stealer is a stealer that allows you to grab the Discord token from a user and open a backdoor in his machine.

Fat-Stealer is a stealer that allows you to grab the Discord token from a user and open a backdoor in his machine.

Jet Berry's 21 Jan 01, 2023
Writing and posting code throughout my new journey into python!

bootleg-productions consider this account to be a journal for me to record my progress throughout my python journey feel free to copy codes from this

1 Dec 30, 2021
威胁情报播报

Threat-Broadcast 威胁情报播报 运行环境 项目介绍 从以下公开的威胁情报来源爬取并整合最新信息: 360:https://cert.360.cn/warning 奇安信:https://ti.qianxin.com/advisory/ 红后:https://redqueen.tj-u

东方有鱼名为咸 148 Nov 09, 2022
I hacked my own webcam from a Kali Linux VM in my local network, using Ettercap to do the MiTM ARP poisoning attack, sniffing with Wireshark, and using metasploit

plan I - Linux Fundamentals Les utilisateurs et les droits Installer des programmes avec apt-get Surveiller l'activité du système Exécuter des program

148 Dec 22, 2022
Course: Information Security with Python

Curso: Segurança da Informação com Python Curso realizado atravès da Plataforma da Digital Innovation One Prof: Bruno Dias Conteúdo: Introdução aos co

Elizeu Barbosa Abreu 1 Nov 28, 2021
A tool to crack a wifi password with a help of wordlist

A tool to crack a wifi password with a help of wordlist. This may take long to crack a wifi depending upon number of passwords your wordlist contains. Also it is slower as compared to social media ac

Saad 144 Dec 29, 2022
Discord-email-spammer-exploit - A discord email spammer exploit with python

Discord-email-spammer-exploit was made by Love ❌ code ✅ 🎈 ・Description First it

Rdimo 25 Aug 13, 2022