angr

angr is a platform-agnostic binary analysis framework developed by the Computer Security Lab at UC Santa Barbara and their associated CTF team, Shellphish.

Several challenges must be overcome to programmatically analyze a binary. They are, roughly:

• Loading a binary into the analysis program.
• Translating a binary into an intermediate representation (IR).
• Performing the actual analysis. This could be:
  • A partial or full-program static analysis (i.e., dependency analysis, program slicing).
  • A symbolic exploration of the program’s state space (i.e., “Can we execute it until we find an overflow?”).
  • Some combination of the above (i.e., “Let’s execute only program slices that lead to a memory write, to find an overflow.”)

angr has components that meet all of these challenges.

angr is a suite of Python 2 libraries that let you load a binary and do a lot of cool things to it:

• Disassembly and intermediate-representation lifting
• Program instrumentation
• Symbolic execution
• Control-flow analysis
• Data-dependency analysis
• Value-set analysis (VSA)

Download && Tutorial

Copyright (c) 2015, The Regents of the University of California