Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/saaph/eBPF_processor

An IDA processor for eBPF bytecode
https://github.com/saaph/eBPF_processor

Last synced: 15 days ago
JSON representation

An IDA processor for eBPF bytecode

Host: GitHub
URL: https://github.com/saaph/eBPF_processor
Owner: saaph
Created: 2017-04-18T16:31:04.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2017-05-17T16:23:23.000Z (over 7 years ago)
Last Synced: 2024-07-03T06:34:11.943Z (4 months ago)
Language: Python
Size: 39.1 KB
Stars: 32
Watchers: 3
Forks: 13
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# eBPF IDA Proc

This is an IDA Processor that can be used to disassemble eBPF bytecode. It was developed for a challenge. As such, it hasn't been tested with any other target than the crackme-esque filter I developed it for.

## Author

Clément Berthaux - clement (dot) berthaux (at) synacktiv (dot) com

## Installation

You just need to place `ebpf.py` in your `IDA_ROOT\procs` folder.

![Example of filter opened in IDA](img/bpf_ida.png)