{"id":23419394,"url":"https://github.com/bannsec/revenge","last_synced_at":"2025-04-12T12:44:42.296Z","repository":{"id":57432305,"uuid":"188461358","full_name":"bannsec/revenge","owner":"bannsec","description":"REVerse ENGineering Environment","archived":false,"fork":false,"pushed_at":"2024-05-03T17:41:15.000Z","size":1199,"stargazers_count":59,"open_issues_count":6,"forks_count":6,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-04-09T22:21:43.064Z","etag":null,"topics":["android","frida","python","python3","trace"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bannsec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-05-24T17:19:18.000Z","updated_at":"2025-04-07T19:48:51.000Z","dependencies_parsed_at":"2024-04-06T04:28:27.390Z","dependency_job_id":"88f2f4ac-c381-4387-b6c0-362951e7ab00","html_url":"https://github.com/bannsec/revenge","commit_stats":{"total_commits":455,"total_committers":2,"mean_commits":227.5,"dds":0.00219780219780219,"last_synced_commit":"2073b8fad76ff2ba21a5114be54e959297aa0cf9"},"previous_names":[],"tags_count":22,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bannsec%2Frevenge","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bannsec%2Frevenge/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bannsec%2Frevenge/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bannsec%2Frevenge/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bannsec","download_url":"https://codeload.github.com/bannsec/revenge/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248570264,"owners_count":21126392,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","frida","python","python3","trace"],"created_at":"2024-12-23T01:17:53.086Z","updated_at":"2025-04-12T12:44:42.271Z","avatar_url":"https://github.com/bannsec.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Build Status](https://travis-ci.com/bannsec/revenge.svg?branch=master)](https://travis-ci.com/bannsec/revenge)\n![windows](https://github.com/bannsec/revenge/workflows/windows/badge.svg)\n[![PyPI Statistics](https://img.shields.io/pypi/dm/revenge.svg)](https://pypistats.org/packages/revenge)\n[![Latest Release](https://img.shields.io/pypi/v/revenge.svg)](https://pypi.python.org/pypi/revenge/)\n[![Coverage Status](https://coveralls.io/repos/github/bannsec/revenge/badge.svg?branch=master)](https://coveralls.io/github/bannsec/revenge?branch=master)\n[![Documentation Status](https://readthedocs.org/projects/revenge/badge/?version=latest)](http://revenge.readthedocs.org/en/latest/?badge=latest)\n\n# REVerse ENGineering Environment (revenge)\nAttempting to make a centralized binary reverse engineering framework for\npython. Initially, this makes heavy use of `frida` in the backend, but should\nbe expandable and has already gone beyond Frida in some ways.\n\n# Install\n```\npip3 install https://github.com/bannsec/revenge/archive/master.zip\n\n# Or\npip3 install revenge\n```\n\n# Platforms\nThe goal is for this to be mostly platform independent. Since the backend is python and Frida, it should support Windows, Mac, Linux and Android. YMMV.\n\n# Docs\nCheck out RTD for the documentation: http://revenge.readthedocs.org/en/latest/\n\n# Examples\n\n## Windows Messages (Temporarily broken)\nSpecifically watching Windows Messages handling\n\n```bash\n# Automatically discover Windows message handling locations and show event messages as they are handled.\nrevenge -I notepad.exe windows_messages notepad.exe\n\n# Only show information about windows message WM_CHAR and WM_KEYDOWN from notepad.exe\nrevenge -I notepad.exe -rw windows_messages notepad.exe -wm WM_CHAR WM_KEYDOWN\n```\n\n## Stalking\nUse Frida stalk to trace through things\n\n```\n# Only look at traces from notepad's Windows Message handler function\nrevenge stalk notepad.exe --include-function notepad.exe:0x3a50 -I notepad.exe\n```\n\n## Find\nFind things in memory.\n\n```\n# Find where your string 'hello world' is in notepad (will check for char and wchar versions)\nrevenge find notepad.exe --string \"Hello world\"\n{'0x55d78c422250': 'StringUTF8', '0x55d78c453820': 'StringUTF8'}\n```\n\n## IPython\nDrop into an interactive shell from the command line\n```\n$ revenge ipython ls -f /bin/ls\nSpawning file                   ... [ DONE ]\nAttaching to the session        ... [ DONE ]\nEnumerating modules             ... [ DONE ]\nPython 3.6.7 (default, Oct 22 2018, 11:32:17)\nType 'copyright', 'credits' or 'license' for more information\nIPython 7.5.0 -- An enhanced Interactive Python. Type '?' for help.\n\nIn [1]: process\nOut[1]: \u003crevenge.process.Process at 0x7fa036bc14e0\u003e\n```\n\n## General Options\nReplacing functions dynamically during execution\n```\n# Replace function located at offset 0x64a in a.out binary, returning value 0x123\nrevenge stalk ./a.out --resume -rf \"a.out:0x64a?0x123\"\n\n# Disable alarm and ptrace functions\nrevenge stalk test2 -f ./test2 --resume -rf \":alarm?1\" \":ptrace?1\"\n```\n\n# FAQ\n## Why am I getting an error when trying to run a 32-bit ELF?\nThere have been some changes recently with Frida and it appears they are no longer dual building their pip installable wheels. For the time being, you can build your own version of frida if you want dual architecture support.\n\nBuilding instructions here: https://frida.re/docs/building/\nBe sure to install the latest node: https://www.digitalocean.com/community/tutorials/how-to-install-node-js-on-ubuntu-22-04\n\nOnce you have it built, you can force the python output into your path:\n```bash\nexport PYTHONPATH=/home/user/frida/build/frida-linux-x86_64/lib/python3.12/site-packages\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbannsec%2Frevenge","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbannsec%2Frevenge","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbannsec%2Frevenge/lists"}