Metasploit Reversing Toolkit (Intro)
One of the goals of the Metasploit Project is to provide a useful and friendly outlet for security-related research. Examples of this can be seen in the Metasploit Framework, the Opcode Database, and the Metasploit Anti-Forensics tools. Though the focus of the project has been mostly oriented toward exploitation research, the interests of those involved in the project generally don't stop there. Most recently, I've been spending some time designing and implementing a library that can be used to help perform automated binary analysis. Depending on time and sustained interest, I hope to be able to release this library as the Metasploit Reversing Toolkit (MSRT). The library is currently being prototyped in Ruby.
The primary goal for this library will be to provide a powerful and simple interface for those who wish to perform binary analysis and for those who wish to implement and test ideas pertaining to binary analysis. It's important to note that I don't claim to be a binary analysis ninja (I'm no halvar :) and that I don't foresee this toolkit as being as powerful as IDA in many regards. However, it's my hope that it will still be a useful environment for testing ideas. Failing that, it's at least an interesting and challenging distraction :).
In my next post I'll give examples of some of the things the library is already capable of providing in terms of analysis. Stay tuned.
3 Comments:
Hey, this is cool and sounds totally like something that would be useful on the offensive computing side. We should get together and talk; since I do binary RE all the time, maybe I can give you some ideas that would be helpful. Cool!
V.
Sounds like a neat tool. Anything specific that you care to mention about what will be automated in terms of RCE? I look forward to playing with it.
Cheers,
Don
Will you welcome 3rd-party plugins for this disassembler, so that when new protection schemes are developed people can write the unpacking/decompression plugins to use with your disassembler?