This VU Sec project on function detection focuses on the automatic identification of functions in binary code. It aims to develop techniques and tools to analyze binary executables and identify individual functions within them.
Based on the paper "Compiler-Agnostic Function Detection in Binaries", published at EuroS&P 2017.
docker build -t nucleus .
docker run -it nucleus- libcapstone
- libbfd-multiarch
git clone https://github.com/f4ncyz4nz4/nucleus.git
cd nucleus
make setup
makeTo reproduce the configuration from VU Sec paper and output a list of function addresses and sizes, use:
nucleus -d linear -f -e <binary>To analyse a Mini DuMP file with an arch x86:32 and output a list of function addresses and sizes, use:
nucleus -d linear -f -t dmp -a x86 -l 32 -e <binary>To analyse a raw file with an arch x86:32 and the best offset search option and output a list of function addresses and sizes, use:
nucleus -d linear -f -t raw -a x86 -l 32 -o -e <binary> To list all the possible commands, use:
nucleus -hThis work was supported by the Netherlands Organisation for Scientific Research through grant NWO 639.023.309 VICI “Dowsing” project. The public artifacts reflect only the authors’ view. The funding agencies are not responsible for any use that may be made of the information they contain.
