{"id":31769941,"url":"https://github.com/jfrog/dvora","last_synced_at":"2025-10-20T01:22:05.819Z","repository":{"id":285748517,"uuid":"949846601","full_name":"jfrog/Dvora","owner":"jfrog","description":"Dvora designed to divinate and classify unknown functions for Static Application Security Testing (SAST) of binary files","archived":false,"fork":false,"pushed_at":"2025-04-02T13:21:19.000Z","size":1609,"stargazers_count":13,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-09-28T14:56:28.347Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jfrog.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-17T08:32:13.000Z","updated_at":"2025-09-03T07:35:05.000Z","dependencies_parsed_at":"2025-04-02T13:37:58.008Z","dependency_job_id":"74daae67-d3bb-43c0-884c-c6c04722de6e","html_url":"https://github.com/jfrog/Dvora","commit_stats":null,"previous_names":["jfrog/dvora"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/jfrog/Dvora","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2FDvora","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2FDvora/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2FDvora/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2FDvora/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jfrog","download_url":"https://codeload.github.com/jfrog/Dvora/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2FDvora/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279002527,"owners_count":26083403,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-10T02:00:06.843Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-10-10T02:55:47.390Z","updated_at":"2025-10-10T02:55:50.793Z","avatar_url":"https://github.com/jfrog.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"Readme\n# Dvora\n\n## Overview\nDvora is an open-source Python tool designed to divinate and classify unknown functions for Static Application Security Testing (SAST) of binary files. It can be used by static tools (or during manual research) to recognize common library functions which are statically linked into the analyzed binary (and not dynamically loaded).\n\nFailing to recognize library functions may lead to misdetecting common and severe vulnerabilities, both in manual and in automated static analysis.\n\nFor instance, when compiling a binary file as a statically linked executable without symbols, there may be no import table or symbols available to indicate which functions exist. Additionally, when compiling a binary file as a dynamically linked executable, the compiler may choose to inline certain functions, further obscuring their presence and complicating the identification process for SAST tools.\n\nSource code scanning is not a sufficient alternative either—often, the source code is not available, or dangerous functions may be added under different names or only during the build process.\n\nDvora is based on another open-source tool, Sibyl ,but is based on a more modern infrastructure (Unicorn) among other advantages allowing for a broader platform support.\n\nFun fact: Since Dvora is a divination tool, it is named after Deborah the prophet :)\n\n## Features\nFunction Identification: Detects and identifies function calls even when names are obscured or inlined.\nCompatibility: Works with both statically and dynamically linked binaries.\nOpen Source: Freely available for modification and contributions from the community.\n\n## Requirements\nPython 3\nPoetry (Python package manager)\n\n## Execution\nClone the repository using the command:\n\n```\ngit clone https://github.com/jfrog/Dvora.git\n```\n\nIf you don’t have Poetry installed, use the command:\n```\npip install poetry\n```\n\nExecute the following commands to install all dependencies:\n```\npoetry shell\npoetry install\n```\n\nTo run Dvora, execute:\n```\npython3 demo.py \u003cbinary_file\u003e \u003cfunction_address\u003e\n```\n\nWhere:\n- binary_file: The binary file you want to examine.\n- function_address: The address of the function you want to examine.\n\nExample:\n```\npython3 demo.py /path/to/binary 401745\n```\n\n## How to Find Function Addresses?\nYou can use Ghidra to examine function addresses. \n\nYou can also export functions addresses using the Jython script (included in this repository) named `ghidra_export_functions.py`.\n\n## Upcoming Releases\nWe are continuously expanding this repository with new supported functionalities. \n\nStay tuned for additional releases based on our latest research!\n\n## How to Contribute\nWe invite the security community to contribute to this initiative. \n\nFeel free to submit an issue or a pull request. \n\n## License\nThis project is licensed under the **GNU GPL 3.0**.\n\n## Contact\nFor inquiries or collaboration, please reach out to us via [GitHub Issues](https://github.com/jfrog/Dvora/issues).\n\n## Repository URL\n🔗 [GitHub Repository](https://github.com/jfrog/Dvora)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjfrog%2Fdvora","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjfrog%2Fdvora","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjfrog%2Fdvora/lists"}