Symbolic Exploit Assistant project is looking for collaborators

This topic contains 0 replies, has 1 voice, and was last updated by  galapag0 6 years, 3 months ago.

  • Author
    Posts
  • #8464
     galapag0 
    Participant

    Hello!

    I’m  asking for help/collaboration from the community to
    expand and improve our tool called “Symbolic Exploit Assistant” (SEA) for assisted exploit
    generation of binary programs.

    In a few words, this tool starts with a path in a disassembled binary
    represented with an abstract intermediate language (we start supporting REIL)
    to generate and solve SMT constraints according to the user request.
    If the solver finds a solution, the values for the input variables can be used to
    exploit the path of the program selected.

    Of course, SEA is not state of the art but a few examples from
    Gera’s Insecure Programming (http://community.corest.com/~gera/InsecureProgramming/) can be “solved”.

    We tried to look for other open source and public tools like SEA, but we
    couldn’t find any. We believe that there should be completely open tools
    that help people to find vulnerabilities easier and quicker.
    We don’t like the idea that only some companies and governments have
    access to such tools. This is a very small step in the direction
    of the democratisation of the access to exploitation tools.

    Finally, we ask the community for help to do research, development and
    implementation of SEA in order to build a tool to perform binary
    analysis.

    The code and some documentation is available in:

    https://github.com/neuromancer/sea

    Thanks!

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?