Skip to content

Latest commit

 

History

History
69 lines (44 loc) · 2.93 KB

README.md

File metadata and controls

69 lines (44 loc) · 2.93 KB

Echo

Echo is an experimental generic, static analysis, symbolic execution and emulation framework, that aims to help out with binary code analysis for a variety of platforms or backends.

Echo is released under the LGPLv3 license.

Main Features

  • Generic Graph Models
    • Traversal and structural detection algorithms
    • Serialization to Dot/GraphViz
  • Generic Control flow Analysis
    • Create static and symbolic flow graphs
    • Dominator analysis
    • Serialize into scoped flow blocks or a list of instructions
  • Generic Data flow Analysis
    • Create data flow graphs
    • Inspect stack and variable dependencies of instructions
  • Generic AST Construction
    • Lift control flow graphs to Abstract Syntax Trees (ASTs)
    • Automatic variable cross-referencing
  • Generic Emulation Engine Framework
    • Virtual memory model using low level bit vectors
    • Support for HLE and LLE arithmetic on fully known, partially known and fully unknown bit vectors of any size

Supported Backends

Architecture Back-end Control Flow Data Flow AST Purity Classification Emulation
CIL AsmResolver ✓ (WIP)
CIL dnlib
x86 (32-bit) Iced ✓ (WIP)
x86 (64-bit) Iced ✓ (WIP)

Binaries

Branch Status (Linux)
master Linux

Compiling

Simply run

dotnet build

Alternatively, use any IDE that is capable of building .NET Standard 2.0 projects (such as Visual Studio or JetBrains Rider).

Not all projects need to be built for a working binary to be produced. Only the core libraries found in src/Core are required to be built. Any other project, such as the platform-specific back-ends in the src/Platforms directory and the test projects in test/, is optional and can be unloaded safely.

Support

Contributing

See CONTRIBUTING.md.