
https://github.com/adrianherrera/malware-s2e

Code for my blog post on using S2E for malware analysis

malware s2e symbolic-execution


# Analysing "Trigger-based" Malware with S2E

This code accompanies my Analysing "Trigger-based" Malware [blog
post](https://adrianherrera.github.io/post/malware-s2e) and
[slides](https://speakerdeck.com/adrianherrera/analyzing-trigger-based-malware-with-s2e).

Both directories should be copied into the windows directory of the
[guest-tools](https://github.com/S2E/guest-tools) repo in your S2E environment,
located at `$S2EDIR/source/s2e/guest/windows`.

Open the `s2e.sln` solution in Visual Studio and add the `malware-inject`,
`GetLocalTime-hook` and `wannacry-hook` projects to the s2e solution.

The `GetLocalTime-test` project can be used to test symbolic execution of
`GetLocalTime`. `GetLocalTime-test` is a stand-alone project and does **not**
have to be added to the s2e solution.