Giter Site home page Giter Site logo

pjlantz / opensaw Goto Github PK

View Code? Open in Web Editor NEW

This project forked from ericssonresearch/opensaw

1.0 1.0 0.0 7.98 MB

OpenSAW is a framework that uses concolic execution to find bugs in compiled programs

License: Other

Python 17.10% Makefile 0.41% HTML 0.24% CSS 0.17% JavaScript 0.70% C++ 80.75% C 0.38% Assembly 0.08% Shell 0.16%

opensaw's Introduction

OpenSAW

OpenSAW stands for Open Security Analysis Workbench, and is a framework for building systems that use concolic execution to find bugs in compiled programs. OpenSAWs main feature is that it allows users to quickly start developing and testing their own bug-finding search strategies. OpenSAW is written in Python and allows the concolic execution engine to be replaced easily, letting users test how well their own concolic execution implementation performs in comparison with others.

Setup

See docs/SETUP.md

Usage

WARNING: Do not run OpenSAW on malicious code. The executable you provide is executed with the same permissions as OpenSAW.

Running OpenSAW on a binary is trivial in the OpenSAW virtual machine.
After you are connected to the machine, run the following command

python2.7 -m opensaw -i <initial_input> -- <executable> [arguments, {} is replaced by input filename]

to launch OpenSAW on <executable> that takes a single file as input argument. OpenSAW will start with passing the file defined by <initial_input> to the program and then proceed to generate new inputs based on the trace created by this execution.

To start the standalone GUI monitoring the progress, start the program OpenSAW/dev/gui/main.py.

See docs/Using OpenSAW.md for more details and information on how to track progress.

Building your own search strategy

One of the great features with OpenSAW is that it lets users quickly get their hands dirty and experiment with new bug-finding search strategies. This is done by extending an existing search strategy or writing a new one. Descriptions of existing search strategies and also instructions on how to write your own can be found in docs/Strategies.md

Repository Structure

OpenSAW/
  dev/             : development files
    coverage/      : OpenSAW's test coverage (generated by make)
    documentation/ : OpenSAW's documentation (generated by make)
    opensaw/       : OpenSAW, the main application
    gui/           : Standalone GUI
    test/          : test programs
    pintool/       : code for the pintool, both cgc and linux/i383 version.
  docs/            : documentation
  tools/           : required tools and scripts
                     (BAP and PIN installation archives and compiled iltrans and pintool)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.