Binary Analysis Platform v2.3 alpha releases: reverse engineering and program analysis platform
The Carnegie Mellon University Binary Analysis Platform (CMU BAP) is a reverse engineering and program analysis platform that works with binary code and doesn’t require the source code. BAP supports multiple architectures: ARM, x86, x86-64, PowerPC, and MIPS. BAP disassembles and lifts binary code into the RISC-like BAP Instruction Language (BIL). Program analysis is performed using the BIL representation and is architecture independent in the sense that it will work equally well for all supported architectures. The platform comes with a set of tools, libraries, and plugins. The documentation and tutorial are also available. The main purpose of BAP is to provide a toolkit for implementing automated program analysis. BAP is written in OCaml, which is the preferred language for writing analyses, but we also have bindings to C, Python, and Rust. The Primus Framework also provides a Lisp-like DSL for writing program analysis tools.
Changelog v2.3 alpha
introduces BIL special encodings and publishes BIL CT parser (#1265)
It is now possible to (ab)use BIL special statements to encode arbitrary
semantics. The payload is still stored as a string, but it is now
specially encoded and printed. Each kind of payload is represented by
an attribute, e.g., `Bil.call` is used to encode calls, and
`Bil.intrinsic` is used to encode intrinsics.
The Core Theory BIL parser, that enables reflection of the BIL
programs into the CT terms, is moved to the library and is made
available in `Bil.Theory` module. We might later extend this module
with the actual BIL theory, though it already could be instantiated
via the `Theory.instance` function.
Installation
Usage
Shell
The BAP main frontend is a command line utility called `bap`. You can use it to explore the binary, run existing analysis, plug in your own behavior, load traces, and much more.
To dump a program in various formats use the `--dump` option (or its short equivalent, `-d`). For example, let’s run `bap` on the `x86_64-linux-gnu-echo` file.
Copyright (c) 2018 Carnegie Mellon University