Skip to content

Commit

Permalink
feat: add some more automated RE tools
Browse files Browse the repository at this point in the history
  • Loading branch information
timyardley committed Jul 11, 2023
1 parent d702855 commit 2edd554
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions tools/analysis/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,9 @@ Developed as a community asset
- [Binwalk](https://github.com/ReFirmLabs/binwalk) - Binwalk is a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
- [ANGR](https://github.com/angr/angr) - A powerful and user-friendly binary analysis platform.
- [Floss](https://github.com/fireeye/flare-floss) - FireEye Labs Obfuscated String Solver (FLOSS) uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries.
- [FACT](https://github.com/fkie-cad/FACT_core) - The Firmware Analysis and Comparison Tool (formerly known as Fraunhofer's Firmware Analysis Framework (FAF)) is intended to automate most of the firmware analysis process. It unpacks arbitrary firmware files and processes several analyses. Additionally, it can compare several images or single files.
- [EMBA](https://github.com/e-m-b-a/emba) - EMBA is designed as the central firmware analysis tool for penetration testers. It supports the complete security analysis process starting with the firmware extraction process, doing static analysis and dynamic analysis via emulation and finally generating a web report. EMBA automatically discovers possible weak spots and vulnerabilities in firmware. Examples are insecure binaries, old and outdated software components, potentially vulnerable scripts or hard-coded passwords.
- [Callisto](https://github.com/JetP1ane/Callisto) - Callisto is an intelligent automated binary vulnerability analysis tool. Its purpose is to autonomously decompile a provided binary and iterate through the psuedo code output looking for potential security vulnerabilities in that pseudo c code. Ghidra's headless decompiler is what drives the binary decompilation and analysis portion. The pseudo code analysis is initially performed by the Semgrep SAST tool and then transferred to GPT-3.5-Turbo for validation of Semgrep's findings, as well as potential identification of additional vulnerabilities.

### Symbolic Execution

Expand Down

0 comments on commit 2edd554

Please sign in to comment.