An open API service indexing awesome lists of open source software.

https://github.com/chasebryan/kaiju

monster-class binary analysis. rust first. headless first.

binary-analysis cfg cli disassembler elf intermediate-representation macho pe reverse-engineering rust static-analysis

README

# Kaiju RE

monster-class binary analysis.

rust first. headless first. no fake decompiler magic.

kaiju is the beginning of a reverse-engineering workbench:
load bytes, name the format, map memory, pull strings, decode a little code,
draw a small CFG, and save the facts in a plain project snapshot.

it is early.

what works:

- raw loading
- ELF / PE / Mach-O sniffing
- limited ELF, PE, and Mach-O metadata
- memory maps
- Mach-O segment maps
- Mach-O universal/fat member selection
- ELF symbol tables
- ELF shared-library dependencies
- ELF dynamic imports
- ELF relocation tables
- PE COFF symbols
- PE import DLL dependencies
- PE import tables
- PE export tables
- PE base relocations
- Mach-O symbol tables
- Mach-O dylib dependencies
- Mach-O undefined-symbol imports
- Mach-O section relocation tables
- strings
- network evidence topology
- classic PCAP topology and payload inspection
- explicit TCP probes and port scans
- loader diagnostics
- small x86-64 disassembly
- direct-branch CFGs
- conservative function discovery from entrypoints, loader metadata, and direct call targets
- bounded direct-call CFG expansion for x86-64 functions
- conservative RIP-relative data and string cross-references from decoded x86-64 basic blocks
- bounded IR summaries for discovered x86-64 CFG blocks
- project JSON export
- safe `.kaiju` project package snapshots
- read-only `.kaiju` project package inspection
- native Rust GUI workbench with binary/package open, package save, diagnostics, logs, and synchronized function/address navigation
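format sniffing is the first item in that list because everything after it (memory maps, symbols, imports, fat member selection) trusts the answer. the snippet below is an added example, not kaiju's own code and not its API: it shows the shape of a bounds-checked sniffer for ELF, PE, thin Mach-O and Mach-O universal/fat containers, where every offset taken from the file (`e_lfanew`, `nfat_arch`) is range-checked before use and anything unrecognised is reported as unknown rather than guessed. the `Format` enum, `sniff`, `samples` and the sample byte strings are this example's own constructions.

```rust
// Added example, not kaiju's own code: a bounds-checked format sniffer of the
// kind a loader runs before it trusts any header field. Names and sample
// bytes below are this example's own constructions.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Format {
    Elf { bits: u8, little_endian: bool },
    Pe,
    MachO { bits: u8, little_endian: bool },
    MachOFat { members: u32 },
    Unknown,
}

/// Big-endian u32 at `off`, or None if the slice is too short.
fn be_u32(data: &[u8], off: usize) -> Option<u32> {
    data.get(off..off.saturating_add(4))
        .map(|b| u32::from_be_bytes([b[0], b[1], b[2], b[3]]))
}

/// Little-endian u32 at `off`, or None if the slice is too short.
fn le_u32(data: &[u8], off: usize) -> Option<u32> {
    data.get(off..off.saturating_add(4))
        .map(|b| u32::from_le_bytes([b[0], b[1], b[2], b[3]]))
}

/// Identify the container format from leading bytes only; every offset that
/// comes from the file (e_lfanew, nfat_arch) is range-checked before use.
pub fn sniff(data: &[u8]) -> Format {
    // ELF: 0x7f 'E' 'L' 'F', then EI_CLASS (1 = 32-bit, 2 = 64-bit)
    // and EI_DATA (1 = little-endian, 2 = big-endian).
    if data.len() >= 6 && &data[..4] == b"\x7fELF" {
        let bits = match data[4] { 1 => 32, 2 => 64, _ => return Format::Unknown };
        let little_endian = match data[5] { 1 => true, 2 => false, _ => return Format::Unknown };
        return Format::Elf { bits, little_endian };
    }
    // PE: "MZ" DOS stub whose e_lfanew (u32 at 0x3c) points at "PE\0\0".
    if data.len() >= 0x40 && &data[..2] == b"MZ" {
        if let Some(e_lfanew) = le_u32(data, 0x3c) {
            let off = e_lfanew as usize;
            if data.get(off..off.saturating_add(4)) == Some(&b"PE\0\0"[..]) {
                return Format::Pe;
            }
        }
        // An MZ stub with no PE signature is a plain DOS program; do not call it PE.
        return Format::Unknown;
    }
    // Mach-O: the magic is read big-endian, so each byte order gets its own value.
    match be_u32(data, 0) {
        Some(0xFEED_FACE) => Format::MachO { bits: 32, little_endian: false },
        Some(0xCEFA_EDFE) => Format::MachO { bits: 32, little_endian: true },
        Some(0xFEED_FACF) => Format::MachO { bits: 64, little_endian: false },
        Some(0xCFFA_EDFE) => Format::MachO { bits: 64, little_endian: true },
        // Fat/universal container: big-endian header, nfat_arch right after the magic.
        // Java class files share 0xCAFEBABE, so an implausible member count is rejected;
        // a real loader would go on to validate each fat_arch entry against the file size.
        Some(0xCAFE_BABE) | Some(0xCAFE_BABF) => match be_u32(data, 4) {
            Some(n) if n > 0 && n < 32 => Format::MachOFat { members: n },
            _ => Format::Unknown,
        },
        _ => Format::Unknown,
    }
}

/// Constructed sample inputs (not real binaries): just enough bytes for each case.
pub fn samples() -> Vec<(&'static str, Vec<u8>)> {
    let mut elf = b"\x7fELF\x02\x01".to_vec();
    elf.resize(64, 0);

    let mut pe = vec![0u8; 0x80];
    pe[..2].copy_from_slice(b"MZ");
    pe[0x3c..0x40].copy_from_slice(&0x40u32.to_le_bytes());
    pe[0x40..0x44].copy_from_slice(b"PE\0\0");

    let mut dos = vec![0u8; 0x80];
    dos[..2].copy_from_slice(b"MZ"); // e_lfanew = 0 points back at "MZ", not "PE\0\0"

    let mut fat = 0xCAFE_BABEu32.to_be_bytes().to_vec();
    fat.extend_from_slice(&2u32.to_be_bytes());

    let mut bad_offset = vec![0u8; 0x80];
    bad_offset[..2].copy_from_slice(b"MZ");
    bad_offset[0x3c..0x40].copy_from_slice(&0xFFFF_FFF0u32.to_le_bytes()); // e_lfanew past EOF

    vec![
        ("elf64-le", elf),
        ("pe", pe),
        ("dos-only", dos),
        ("macho64-le", 0xCFFA_EDFEu32.to_be_bytes().to_vec()),
        ("fat", fat),
        ("pe-bad-offset", bad_offset),
        ("text", b"hello".to_vec()),
    ]
}

fn main() {
    for (name, bytes) in samples() {
        println!("{:>14}: {:?}", name, sniff(&bytes));
    }
}
```

the `dos-only` and `pe-bad-offset` samples are the cases worth keeping in a fixture set: an MZ stub whose `e_lfanew` points somewhere other than a `PE\0\0` signature, or past the end of the file, is exactly what a later parsing stage must never be handed as "PE".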

try:

```bash
cargo test --workspace
cargo run -p kaiju-cli -- info tests/fixtures/raw.bin
cargo run -p kaiju-cli -- map tests/fixtures/raw.bin
cargo run -p kaiju-cli -- diagnostics tests/fixtures/raw.bin
cargo run -p kaiju-cli -- symbols tests/fixtures/raw.bin
cargo run -p kaiju-cli -- dependencies tests/fixtures/raw.bin
cargo run -p kaiju-cli -- imports tests/fixtures/raw.bin
cargo run -p kaiju-cli -- exports tests/fixtures/raw.bin
cargo run -p kaiju-cli -- relocations tests/fixtures/raw.bin
cargo run -p kaiju-cli -- analyze tests/fixtures/raw.bin
cargo run -p kaiju-cli -- export tests/fixtures/raw.bin
KAIJU_SAVE_DIR=$(mktemp -d /tmp/kaiju-raw.XXXXXX.kaiju)
cargo run -p kaiju-cli -- save tests/fixtures/raw.bin --out "$KAIJU_SAVE_DIR"
cargo run -p kaiju-cli -- package "$KAIJU_SAVE_DIR"
cargo run -p kaiju-cli -- functions tests/fixtures/raw.bin
cargo run -p kaiju-cli -- ir tests/fixtures/raw.bin
cargo run -p kaiju-cli -- xrefs tests/fixtures/raw.bin
cargo run -p kaiju-cli -- network tests/fixtures/network-evidence.txt
cargo run -p kaiju-workbench -- tests/fixtures/raw.bin
scripts/package-kaiju-workbench-linux.sh
```

not yet:

- privileged live interface capture backend
- full parsers
- full disassembly
- lifting worth bragging about
- decompiler
- plugin runtime

the rule: build the foundation before the monster suit.

Apache-2.0.