https://github.com/cyb3rmx/zepu1chr3

A Radare2 based Python module for Binary Analysis and Reverse Engineering.

# Zepu1chr3


A Radare2 based Python module for Binary Analysis and Reverse Engineering.

# Installation
- You can simply run this command.
```bash
pip3 install zepu1chr3
```

# How to Use
## Specifying a target binary
- Description: Specify any binary file you want to analyze. This returns a handle for the target file.

```python
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")
```

## Getting symbols from target binary
- Description: This method lists the symbols inside the target file. It returns an array of symbol information.

```python
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")
symbols = zep.GetSymbols(target)
```
![image](.animations/symbols.png)

## Getting imports from target binary
- Description: This method lists the imports inside the target file. It returns an array of import information.

```python
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")
imports = zep.GetImports(target)
```
![image](.animations/imports.png)
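
A common next step in malware triage is to bucket the import list by capability. The sketch below is an added example, not part of zepu1chr3: `triage_imports`, `base_name` and the `CAPABILITIES` table are hypothetical names, and it assumes each import entry is a dict with `name` and `libname` keys, as in radare2's `iij` JSON output. The sample list is constructed and is not taken from any real binary.

```python
from collections import defaultdict

# Capability buckets keyed by Win32 API base name (A/W suffix stripped).
# Illustrative selection only, not an exhaustive ruleset.
CAPABILITIES = {
    "crypto": {"CryptEncrypt", "CryptGenKey", "CryptImportKey", "CryptAcquireContext"},
    "service-control": {"CreateService", "StartService", "OpenSCManager"},
    "network": {"InternetOpen", "InternetOpenUrl", "WSAStartup", "connect", "send"},
    "process-injection": {"VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"},
}

def base_name(name):
    """Strip the ANSI/Unicode suffix so CreateServiceA and CreateServiceW match one rule."""
    if len(name) > 1 and name[-1] in "AW" and name[-2].islower():
        return name[:-1]
    return name

def triage_imports(imports):
    """Return {capability: sorted ['library!function', ...]} for matching imports."""
    hits = defaultdict(set)
    for entry in imports:
        # Assumed entry shape: dict with "name" and optional "libname".
        if not isinstance(entry, dict) or not entry.get("name"):
            continue  # skip malformed or ordinal-only entries
        api = base_name(entry["name"])
        lib = (entry.get("libname") or "unknown").lower()
        for capability, apis in CAPABILITIES.items():
            if api in apis:
                hits[capability].add(f"{lib}!{api}")
    return {cap: sorted(found) for cap, found in hits.items()}

# Constructed sample standing in for the array returned by zep.GetImports(target).
SAMPLE_IMPORTS = [
    {"ordinal": 1, "name": "CryptEncrypt", "libname": "ADVAPI32.dll"},
    {"ordinal": 2, "name": "CreateServiceA", "libname": "ADVAPI32.dll"},
    {"ordinal": 3, "name": "InternetOpenA", "libname": "WININET.dll"},
    {"ordinal": 4, "name": "GetTickCount", "libname": "KERNEL32.dll"},
    {"ordinal": 5, "name": "WriteProcessMemory"},  # libname missing
    {"ordinal": 6},                                # ordinal-only entry
]

if __name__ == "__main__":
    for capability, found in sorted(triage_imports(SAMPLE_IMPORTS).items()):
        print(f"{capability}: {', '.join(found)}")
```

If the array returned by `GetImports` uses different field names, adjust the two `entry` lookups accordingly.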

## Getting functions from target binary
- Description: This method lists the functions inside the target file. It returns an array of function information.

```python
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")
functions = zep.GetFunctions(target)
```
![image](.animations/functions.png)

## Getting sections from target binary
- Description: This method lists the sections inside the target file. It returns an array of section information.

```python
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")
sections = zep.GetSections(target)
```
![image](.animations/sections.png)

# Disassembling functions or code at given offsets
## Getting only the machine code
- Description: This method returns the disassembled code of a function when the `only_codes` parameter is set to `True`.

```python
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")
disas = zep.DisassembleFunction(target, given_function="entry0", only_codes=True)
second = zep.DisassembleFunction(target, given_function="0x401000", only_codes=True)  # You can use offsets too!!
```
![image](.animations/disas1.png)

## Getting all information about the machine code (verbose!!)
- Description: If you set the `only_codes` parameter to `False`, you will get more verbose output.

```python
import zepu1chr3

zep = zepu1chr3.Binary()
target = zep.File("WannaCry.exe")
disas = zep.DisassembleFunction(target, given_function="entry0", only_codes=False)
```
![image](.animations/disas2.png)

# Other functionality is coming soon!!