A collection of resources/tools and analyses for the angr binary analysis framework.

Overview

Awesome angr Awesome

A collection of resources/tools and analyses for the angr binary analysis framework. This page does not only collect links and external resources, but its meant to be an harbour to release any non-official extensions/tool/utils that can be useful when working with angr.

ExplorationTechniques 📁

A collection of exploration techniques written by the community

  • SimgrViz: an exploration technique that collects information regarding the states generated by the SimulationManager and creates a graph that can be later visualized to debug the analyses (.dot file).
  • MemLimiter: an exploration technique to stop the analysis when memory consumption is too high!
  • ExplosionDetector: stop the analysis when there are too many states or other critical errors happen.
  • KLEECoverageOptimizeSearch: KLEE technique to improve coverage.
  • KLEERandomSearch: an ET for random path selection.
  • LoopExhaustion: a loop exhaustion search strategy.
  • StochasticSearch: an ET for stocastic search of active states.
  • HeartBeat: An exploration technique to make sure symbolic execution is alive and provides some utility to gently hijack into the DSE while it is running.

Documentation 📖

Projects 🚀

List of academic/not-acadamic projects based on angr which code is open source.

  • Heaphopper - Apply symbolic execution to automatically verify security properties of most common heap libraries.
  • angr-cli - Command line interface for angr a la peda/GEF/pwndbg.
  • Syml - Use ML to prioritize exploration of promising vulnerable paths.
  • Angrop - Generate ropchains using angr and symbolic execution.
  • Angr-management - GUI for angr.
  • Mechaphish - AEG system for CGC.
  • angr-static-analysis-for-vuzzer64 - angr-based static analysis module for Vuzzer.
  • FirmXRay-angr - An angr version of the base address detection analysis implemented in FirmXRay.
  • IVTSpotter - An IVT Spotter for monolithic ARM firmware images.
  • MemSight - Rethinking Pointer Reasoning in Symbolic Execution.
  • Karonte - Detecting Insecure Multi-binary Interactions in Embedded Firmware.

Blogposts 📰

Papers 📃

Here a collection of papers which used or whose project is based on the angr framework.

Year Paper
2021 SoK: All You Ever Wanted to Know About x86/x64 Binary Disassembly But Were Afraid to Ask
2021 SyML: Guiding Symbolic Execution Toward Vulnerable States Through Pattern Learning
2021 DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices
2021 Boosting symbolic execution via constraint solving time prediction (experience paper)
2020 DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis
2020 Towards Constant-Time Foundations for the New Spectre Era
2020 Symbion: Interleaving Symbolic with Concrete Execution
2020 KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmware
2020 Device-agnostic Firmware Execution is Possible: A Concolic Execution Approach for Peripheral Emulation
2020 KOOBE: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities
2019 BinTrimmer: Towards Static Binary Debloating Through Abstract Interpretation
2019 Sleak: Automating Address Space Layout Derandomization
2018 HeapHopper: Bringing Bounded Model Checking to Heap Implementation Security
2017 Rethinking Pointer Reasoning in Symbolic Execution
2017 Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits
2017 BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments
2017 Ramblr: Making Reassembly Great Again
2017 BootStomp: On the Security of Bootloaders in Mobile Devices
2017 Piston: Uncooperative Remote Runtime Patching
2016 SoK: (State of) The Art of War: Offensive Techniques in Binary Analysis
2016 Driller: Augmenting Fuzzing Through Selective Symbolic Execution
2015 Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware
Grank is a feature-rich script that automatically grinds Dank Memer for you

Grank Inspired by this repository. This is a WIP and there will be more functions added in the future. What is Grank? Grank is a feature-rich script t

42 Jul 20, 2022
Create a Web Component (a Custom Element) from a python file

wyc Create a Web Component (a Custom Element) from a python file (transpile python code to javascript (es2015)). Features Use python to define your cu

7 Oct 09, 2022
Simple yet flexible natural sorting in Python.

natsort Simple yet flexible natural sorting in Python. Source Code: https://github.com/SethMMorton/natsort Downloads: https://pypi.org/project/natsort

Seth Morton 712 Dec 23, 2022
Protect your eyes from eye strain using this simple and beautiful, yet extensible break reminder

Protect your eyes from eye strain using this simple and beautiful, yet extensible break reminder

Gobinath 1.2k Jan 01, 2023
Check subdomains for Open S3 buckets

SuBuket v1.0 Check subdomains for Open S3 buckets Coded by kaiz3n Basically, this tool makes use of another tool (sublist3r) to fetch subdomains, and

kaiz3n 4 Dec 29, 2021
A Python library for reading, writing and visualizing the OMEGA Format

A Python library for reading, writing and visualizing the OMEGA Format, targeted towards storing reference and perception data in the automotive context on an object list basis with a focus on an urb

Institut für Kraftfahrzeuge, RWTH Aachen, ika 12 Sep 01, 2022
PyResToolbox - A collection of Reservoir Engineering Utilities

pyrestoolbox A collection of Reservoir Engineering Utilities This set of functio

Mark W. Burgoyne 39 Oct 17, 2022
Library for processing molecules and reactions in python way

Chython [ˈkʌɪθ(ə)n] Library for processing molecules and reactions in python way. Features: Read/write/convert formats: MDL .RDF (.RXN) and .SDF (.MOL

16 Dec 01, 2022
Multipurpose Growtopia Server tools, can be used for newbie to learn things.

Information Multipurpose Growtopia Server tools, can be used for newbie to learn things. Requirements - Python 3.x - Operating System (Recommended : W

Morphias 2 Oct 29, 2021
.bvh to .mcfunction file converter.

bvh-to-mcf .bvh file to .mcfunction converter

Hanmin Kim 28 Nov 21, 2022
WindowsDebloat - Windows Debloat with python

Windows Debloat 🗑️ Quickly and easily configure Windows 10. Disclaimer I am NOT

1 Mar 26, 2022
Utility to extract Fantasy Grounds Unity Line-of-sight and lighting files from a Univeral VTT file exported from Dungeondraft

uvtt2fgu Utility to extract Fantasy Grounds Unity Line-of-sight and lighting files from a Univeral VTT file exported from Dungeondraft This program wo

Andre Kostur 29 Dec 05, 2022
VerSign: Easy Signature Verification in Python

VerSign: Easy Signature Verification in Python versign is a small Python package which can be used to perform verification of offline signatures. It a

Muhammad Saif Ullah Khan 3 Dec 01, 2022
A python program to find binary, octal and hexadecimal of a decimal.

decimal-converter This little python program can convert a decimal in to, Binary Octal Hexadecimal Needed Python 3 or later or a online python compile

Chandula Janith 0 Nov 27, 2021
A way to write regex with objects instead of strings.

Py Idiomatic Regex (AKA iregex) Documentation Available Here An easier way to write regex in Python using OOP instead of strings. Makes the code much

Ryan Peach 18 Nov 15, 2021
Find unused resource keys in properties files in a Salesforce Commerce Cloud project and get rid of them.

Find Unused Resource Keys Find unused resource keys in properties files in a Salesforce Commerce Cloud project and get rid of them. It looks through a

Noël 5 Jan 08, 2022
Script to autocompound 3commas BO:SO based on user provided risk factor

3commas_compounder Script to autocompound 3commas BO:SO based on user provided risk factor Setup Step 1 git clone this repo into your working director

0 Feb 24, 2022
cpp20.py is a Python script to compile C++20 code using modules.

cpp20.py is a Python script to compile C++20 code using modules. It browses the source files to determine their dependencies. Then, it compiles then in order using the correct flags.

Julien VERNAY 6 Aug 26, 2022
A simple example for calling C++ functions in Python by `ctypes`.

ctypes-example A simple example for calling C++ functions in Python by ctypes. Features call C++ function int bar(int* value, char* msg) with argumene

Yusu Pan 3 Nov 23, 2022
Backup a folder to an another folder by using mirror update method.

Mirror Update Backup Backup a folder to an another folder by using mirror update method. How to use Install requirement pip install -r requirements.tx

1 Nov 21, 2022