Angr - The Next Generation of Binary Analysis
Citations Over Time: Top 10% of 2017 papers
Abstract
Software is becoming increasingly complex, and vulnerabilities more subtle. Better approaches are required to effectively analyze modern binaries, efficiently identify deeply buried defects, and intelligently assist human analysts with specific software reversing tasks. Tons of good techniques and approaches regarding binary analysis have recently emerged from both academia and industry, many of which are fairly applicable to real-world binary research tasks. However, due to the lack of a flexible and approachable binary analysis platform, testing and applying these techniques becomes a difficult job. angr is the next-generation binary analysis platform developed by the SecLab of University of California, Santa Barbara. It is flexible, easy to work with, cross-platform and cross-architecture, and has many techniques from academia already implemented and embedded inside. In this course, we will start with the fundamental underpinnings of angr, dynamic symbolic execution, and static binary analysis. We will then demonstrate best practices in doing symbolic execution and data dependence tracking in angr. In the end, we will show how angr can assist in bug hunting. All demos will be performed on CTF challenges and real-world programs.