Awesome

所有收集类项目

DBI

• 跟DBI（Dynamic Binary Instrumentation：动态二进制插桩）逆向有关的资源收集
• English Version

目录

• DynamoRIO
  • DrMemory -> (1)工具 (2)文章
  • 工具
    • (9) 新添加的
    • (3) 与其他工具交互
    • (1) DynamoRIO
  • 文章
    • (4) 新添加
    • (6) 工具介绍
    • (2) Fuzzing
• IntelPin
  • 工具
    • (19) 新添加的
    • (8) 其他工具交互
  • (7) 文章
• Frida
  • 工具
    • (1) Frida
    • (128) 新添加的
    • (7) 其他工具交互
  • (108) 文章
• Valgrind -> (9)工具 (6)文章
• QBDI -> (1)工具 (6)文章
• ADBI -> (2)工具 (2)文章
• DBA
  • Triton -> (6)工具 (13)文章
  • Manticore -> (2)工具 (6)文章
  • (2) 工具
  • (1) 文章
• 其他 -> (10)工具 (6)文章

<a id="c8cdb0e30f24e9b7394fcd5681f2e419"></a>DynamoRIO

<a id="f96730347d78912b366704c9b2fe2b66"></a>DrMemory

<a id="cd99303796122728f8218787dbf97cbb"></a>工具

• [1425星][23d] [C] dynamorio/drmemory Memory Debugger for Windows, Linux, Mac, and Android

<a id="23907044ce4485548fab953ba46b31dc"></a>文章

• 2016.09 [securitygossip] Practical Memory Checking With Dr. Memory
• 2014.01 [dustri] Memory debugging under Windows with drmemory

<a id="6c4841dd91cb173093ea2c8d0b557e71"></a>工具

<a id="3a912a81e4f71ce722b2ed4b7d64c6c7"></a>DynamoRIO

• [1265星][23d] [C] dynamorio/dynamorio Dynamic Instrumentation Tool Platform

<a id="ff0abe26a37095f6575195950e0b7f94"></a>新添加的

• [1394星][22d] [C] googleprojectzero/winafl A fork of AFL for fuzzing Windows binaries
• [253星][7m] [C] ampotos/dynstruct Reverse engineering tool for automatic structure recovering and memory use analysis based on DynamoRIO and Capstone
• [123星][6m] [C++] googleprojectzero/drsancov DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables
• [119星][5y] [C++] breakingmalware/selfie 对自修改代码进行脱壳
• [53星][4y] [C] lgeek/dynamorio_pin_escape DynamoRIO 和Intel Pin分析环境逃逸
• [37星][1m] [Py] oddcoder/cutterdrcov DynamoRIO coverage visualization for cutter
• [17星][3m] [C] firodj/bbtrace 记录bbtrace
• [14星][1m] [C++] vanhauser-thc/afl-dynamorio run AFL with dynamorio
• [10星][3y] [C++] atrosinenko/afl-dr Experiment in implementation of an instrumentation for American Fuzzy Lop using DynamoRIO

<a id="928642a55eff34b6b52622c6862addd2"></a>与其他工具交互

• [52星][1y] [Py] cisco-talos/dyndataresolver 动态数据解析. 在IDA中控制DyRIO执行程序的指定部分, 记录执行过程后传回数据到IDA
  • DDR 基于DyRIO的Client
  • IDA插件
• [20星][11m] [C++] secrary/findloop 使用DyRIO查找执行次数过多的代码块
• [7星][3y] [C++] ncatlin/drgat The DynamoRIO client for rgat

<a id="9479ce9f475e4b9faa4497924a2e40fc"></a>文章

<a id="ecf6662d8b6c6dcdab85873f937fcfc5"></a>新添加

• 2018.07 [topsec] 动态二进制插装入门：Pin、DynamoRIO、Frida
• 2016.08 [n0where] Dynamic Instrumentation Tool Platform: DynamoRIO
• 2012.10 [redplait] building dynamorio
• 2011.06 [redplait] dynamorio

<a id="8f8764c324010fe81f3bf2bbb16b4203"></a>工具介绍

• 2019.10 [freebuf] DrSemu：基于动态行为的恶意软件检测与分类工具
• 2019.06 [freebuf] Functrace：使用DynamoRIO追踪函数调用
• 2019.01 [360] 深入浅出——基于DynamoRIO的strace和ltrace
• 2018.08 [n0where] Dynamic API Call Tracer for Windows and Linux Applications: Drltrace
• 2017.04 [pediy] [原创]通过Selife学习使用DynamoRIO动态插桩
• 2016.11 [360] “Selfie”：利用DynamoRIO实现自修改代码自动脱壳的神器

<a id="c0c4356a0f343699ac548228a9cbf901"></a>Fuzzing

• 2017.11 [SECConsult] The Art of Fuzzing - Demo 10: In-memory Fuzzing HashCalc using DynamoRio
• 2017.11 [SECConsult] The Art of Fuzzing - Demo 6: Extract Coverage Information using DynamoRio

<a id="7b8a493ca344f41887792fcc008573e7"></a>IntelPin

<a id="fe5a6d7f16890542c9e60857706edfde"></a>工具

<a id="78a2edf9aa41eb321436cb150ea70a54"></a>新添加的

• [427星][5y] [C++] jonathansalwan/pintools Pintool example and PoC for dynamic binary analysis
• [306星][4m] [C] vusec/vuzzer depends heavily on a modeified version of DataTracker, which in turn depends on LibDFT pintool.
• [148星][6y] [C++] f-secure/sulo Dynamic instrumentation tool for Adobe Flash Player built on Intel Pin
• [131星][8m] [C++] hasherezade/tiny_tracer A Pin Tool for tracing API calls etc
• [67星][3y] [C++] m000/dtracker DataTracker: A Pin tool for collecting high-fidelity data provenance from unmodified programs.
• [60星][3y] [C++] hasherezade/mypintools Tools to run with Intel PIN
• [50星][11m] [C++] angorafuzzer/libdft64 libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)
• [48星][7y] [C++] cr4sh/code-coverage-analysis-tools Code coverage analysis tools for the PIN Toolkit
• [42星][4y] [C++] corelan/pin Collection of pin tools
• [36星][4y] [C++] paulmehta/ablation Augmenting Static Analysis Using Pintool: Ablation
• [30星][5y] [C++] 0xddaa/pin Use Intel Pin tools to analysis binary.
• [30星][7y] [C++] jingpu/pintools
• [28星][1y] [C++] fdiskyou/winalloctracer Pintool that logs and tracks calls to RtlAllocateHeap, RtlReAllocateHeap, RtlFreeHeap, VirtualAllocEx, and VirtualFreeEx.
• [26星][5m] [C++] boegel/mica a Pin tool for collecting microarchitecture-independent workload characteristics
• [22星][6y] [C++] jbremer/pyn Awesome Python bindings for Pintool
• [18星][7m] bash-c/pin-in-ctf 使用intel pin来求解一部分CTF challenge
• [13星][3y] [C++] netspi/pin Intel pin tools
• [6星][2y] [C++] spinpx/afl_pin_mode Yet another AFL instrumentation tool implemented by Intel Pin.
• [0星][6m] [Makefile] barkhat26/pintool-template PinTool template for Intel Pin 3.11 compatible with VS2019

<a id="95adfd425a416ee2a5c48bc1132b5655"></a>其他工具交互

• [971星][1y] [Py] gaasedelen/lighthouse 从DBI中收集代码覆盖情况，在IDA/Binja中映射、浏览、查看
  • 重复区段: Frida->工具->其他工具交互 |
  • coverage-frida 使用Frida收集信息
  • coverage-pin 使用Pin收集覆盖信息
  • 插件 支持IDA和BinNinja
• [134星][1y] [Py] carlosgprado/jarvis 多功能, 带界面,辅助静态分析、漏洞挖掘、动态追踪(Pin)、导入导出等
  • IDA插件
  • PinTracer
• [122星][5y] [C++] zachriggle/ida-splode 使用Pin收集动态运行数据, 导入到IDA中查看
  • IDA插件
  • PinTool
• [118星][2y] [C++] 0xphoenix/mazewalker 使用Pin收集数据，导入到IDA中查看
  • mazeui 在IDA中显示界面
  • PyScripts Python脚本，处理收集到的数据
  • PinClient
• [104星][6m] [Java] 0ffffffffh/dragondance 在Ghidra中进行代码覆盖情况的可视化
  • Ghidra插件
  • coverage-pin 使用Pin收集信息
• [93星][8y] [C] neuroo/runtime-tracer 使用Pin收集运行数据并在IDA中显示
  • PinTool
  • IDA插件
• [44星][3y] [Batchfile] maldiohead/idapin plugin of ida with pin
• [17星][1y] [C++] agustingianni/instrumentation PinTool收集。收集数据可导入到IDA中
  • CodeCoverage
  • Pinnacle
  • Recoverer
  • Resolver

<a id="226190bea6ceb98ee5e2b939a6515fac"></a>文章

• 2019.10 [HackersOnBoard] Black Hat USA 2016 Pindemonium A DBI Based Generic Unpacker for Windows Executable
• 2019.08 [codingvision] Hot Patching C/C++ Functions with Intel Pin
• 2017.07 [gironsec] Intel PIN, Cheatz, Hax, And Detection Part 2
• 2017.05 [netspi] Dynamic Binary Analysis with Intel Pin
• 2016.12 [gironsec] Intel PIN, Cheatz, Hax, And Detection Part 1
• 2016.09 [zubcic] Fixing Intel PIN Visual Studio project files
• 2014.11 [portcullis] Using Intel Pin tools for binary instrumentation

<a id="f24f1235fd45a1aa8d280eff1f03af7e"></a>Frida

<a id="a5336a0f9e8e55111bda45c8d74924c1"></a>工具

<a id="6d3c24e43835420063f9ca50ba805f15"></a>Frida

• [4721星][1m] [Makefile] frida/frida Clone this repo to build Frida

<a id="54836a155de0c15b56f43634cd9cfecf"></a>新添加的

• [2176星][22d] [Py] sensepost/objection runtimemobile exploration
• [1306星][4m] [Vue] chaitin/passionfruit iOSapp 黑盒评估工具。功能丰富，自带基于web的 GUI
• [1259星][3m] dweinstein/awesome-frida frida 资源列表
• [1256星][2m] [JS] alonemonkey/frida-ios-dump pull decrypted ipa from jailbreak device
• [988星][4m] [HTML] hookmaster/frida-all-in-one FRIDA操作手册
• [926星][7m] [JS] dpnishant/appmon 用于监视和篡改本地macOS，iOS和android应用程序的系统API调用的自动化框架。基于Frida。
• [696星][2m] [Py] igio90/dwarf Full featured multi arch/os debugger built on top of PyQt5 and frida
• [643星][1m] [JS] nccgroup/house 运行时手机 App 分析工具包, 带Web GUI
• [564星][2m] [JS] iddoeldor/frida-snippets Hand-crafted Frida examples
• [550星][7m] [JS] wooyundota/droidsslunpinning Android certificate pinning disable tools
• [510星][26d] [JS] lyxhh/lxhtoolhttpdecrypt Simple Android/iOS protocol analysis and utilization tool
• [440星][1y] [Py] dstmath/frida-unpack 基于Frida的脱壳工具
• [432星][2y] [JS] 0xdea/frida-scripts A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.
• [431星][2m] [C] frida/frida-python Frida Python bindings
• [405星][2y] [C++] vah13/extracttvpasswords tool to extract passwords from TeamViewer memory using Frida
• [374星][2m] [JS] chichou/bagbak Yet another frida based iOS dumpdecrypted, works on iOS 13 with checkra1n and supports decrypting app extensions
• [327星][1m] [C] frida/frida-core Frida core library intended for static linking into bindings
• [326星][1y] [C] smartdone/dexdump 一个用来快速脱一代壳的工具（稍微改下就可以脱类抽取那种壳）（Android）
• [326星][23d] [JS] smartdone/frida-scripts 一些frida脚本
• [320星][5y] [C++] frida/cryptoshark Self-optimizing cross-platform code tracer based on dynamic recompilation
• [307星][10m] [Py] nightbringer21/fridump A universal memory dumper using Frida
• [277星][2y] [Py] antojoseph/frida-android-hooks Lets you hook Method Calls in Frida ( Android )
• [271星][23d] [JS] frenchyeti/dexcalibur Dynamic binary instrumentation tool designed for Android application and powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
• [251星][2y] [Py] igio90/frick aka the first debugger built on top of frida
• [248星][23d] [JS] we11cheng/wcshadowrocket iOS Shadowrocket(砸壳重签,仅供参考,添加节点存在问题)。另一个fq项目potatso源码参见:
• [238星][1m] [JS] andreafioraldi/frida-fuzzer This experimetal fuzzer is meant to be used for API in-memory fuzzing.
• [234星][1m] [C] frida/frida-gum Low-level code instrumentation library used by frida-core
• [208星][23d] [JS] xiaokanghub/frida-android-unpack this unpack script for Android O and Android P
• [203星][2y] [ObjC] alonemonkey/dumpdecrypted Dumps decrypted mach-o files from encrypted applications、framework or app extensions.
• [200星][7m] [C] nowsecure/frida-cycript Cycript fork powered by Frida.
• [185星][2m] [TS] chame1eon/jnitrace A Frida based tool that traces usage of the JNI API in Android apps.
• [179星][24d] [JS] interference-security/frida-scripts Frida Scripts
• [171星][3m] [C++] samyk/frisky Instruments to assist in binary application reversing and augmentation, geared towards walled gardens like iOS and macOS
• [158星][30d] [JS] fuzzysecurity/fermion Fermion, an electron wrapper for Frida & Monaco.
• [142星][3y] [JS] as0ler/frida-scripts Repository including some useful frida script for iOS Reversing
• [137星][10m] enovella/r2frida-wiki This repo aims at providing practical examples on how to use r2frida
• [125星][3y] [JS] antojoseph/diff-gui GUI for Frida -Scripts
• [123星][2y] [Java] brompwnie/uitkyk Android Frida库, 用于分析App查找恶意行为
• [115星][2m] [C++] frida/frida-node Frida Node.js bindings
• [114星][2y] [C] b-mueller/frida-detection-demo Some examples for detecting frida on Android
• [110星][11m] [Py] rootbsd/fridump3 A universal memory dumper using Frida for Python 3
• [106星][23d] [JS] thecjw/frida-android-scripts Some frida scripts
• [104星][2m] [JS] frida/frida-java-bridge Java runtime interop from Frida
• [99星][2y] [Java] piasy/fridaandroidtracer A runnable jar that generate Javascript hook script to hook Android classes.
• [95星][5m] [Py] demantz/frizzer Frida-based general purpose fuzzer
• [93星][7m] [TS] nowsecure/airspy AirSpy - Frida-based tool for exploring and tracking the evolution of Apple's AirDrop protocol implementation on i/macOS, from the server's perspective. Released during BH USA 2019 Training
• [91星][23d] [TS] chichou/vscode-frida WIP
• [90星][25d] [C] grimm-co/notquite0dayfriday This is a repo which documents real bugs in real software to illustrate trends, learn how to prevent or find them more quickly.
• [90星][3y] [JS] oalabs/frida-extract Frida.re based RunPE (and MapViewOfSection) extraction tool
• [89星][3y] [JS] oalabs/frida-wshook Script analysis tool based on Frida.re
• [88星][2y] [Py] mind0xp/frida-python-binding Easy to use Frida python binding script
• [82星][6m] [C] oleavr/ios-inject-custom (iOS) 使用Frida注入自定义Payload
• [81星][7m] [JS] frida/frida-presentations Public presentations given on Frida at conferences
• [79星][11m] wufengxue/android-reverse 安卓逆向工具汇总
• [78星][4m] [JS] andreafioraldi/frida-js-afl-instr An example on how to do performant in-memory fuzzing with AFL++ and Frida
• [75星][4y] [Py] antojoseph/diff-droid 使用 Frida对手机渗透测试的若干脚本
• [74星][9m] [PHP] vlucas/pikirasa PKI public/private RSA key encryption using the OpenSSL extension
• [69星][5m] [Py] hamz-a/jeb2frida Automated Frida hook generation with JEB
• [67星][25d] [Py] lich4/personal_script 010Editor/BurpSuite/Frida/IDA等多个工具的多个脚本
  • 010Editor 010Editor的多个脚本
  • ParamChecker Burp插件
  • Frida Frida多个脚本
  • IDA IDA Scripts
  • IDA-read_unicode.py IDA插件，识别程序中的中文字符
  • IDA-add_xref_for_macho 辅助识别Objective-C成员函数的caller和callee
  • IDA-add_info_for_androidgdb 使用gdbserver和IDA调试Android时，读取module列表和segment
  • IDA-trace_instruction 追踪指令流
  • IDA-detect_ollvm 检测OLLVM，在某些情况下修复（Android/iOS）
  • IDA-add_block_for_macho 分析macho文件中的block结构
• [65星][2m] [C] darvincisec/detectfrida Detect Frida for Android
• [59星][2y] [Py] attackercan/teamviewer-dumper 从内存中转储TeamViewer ID 和密码
• [57星][10m] [JS] hamz-a/frida-android-libbinder PoC Frida script to view Android libbinder traffic
• [56星][1m] [Py] frida/frida-tools Frida CLI tools
• [55星][23d] [Java] igio90/fridaandroidinjector Inject frida agents on local processes through an Android app
• [54星][9m] [Py] bkerler/oppo_decrypt 一加手机固件解密脚本
• [54星][1m] [Py] hamz-a/frida-android-helper Frida Android utilities
• [52星][1y] feicong/zsxq_archives 【软件安全与知识星球】精华文章列表
• [52星][8m] [TS] igio90/hooah-trace Instructions tracing powered by frida
• [50星][1y] [JS] fortiguard-lion/frida-scripts
• [50星][1y] [JS] maltek/swift-frida Frida library for interacting with Swift programs.
• [48星][7m] [JS] nowsecure/frida-trace Trace APIs declaratively through Frida.
• [47星][6m] [Swift] frida/frida-swift Frida Swift bindings
• [46星][3y] [Py] ikoz/jdwp-lib-injector
• [46星][10m] [C] sensepost/frida-windows-playground A collection of Frida hooks for experimentation on Windows platforms.
• [43星][2y] [HTML] digitalinterruption/fridaworkshop Break Apps with Frida workshop material
• [43星][25d] [TS] oleavr/frida-agent-example Example Frida agent written in TypeScript
• [42星][3m] [JS] frida/frida-compile Compile a Frida script comprised of one or more Node.js modules
• [40星][2y] [Py] agustingianni/memrepl Frida 插件，辅助开发内存崩溃类的漏洞
• [39星][1m] [CSS] frida/frida-website Frida's website
• [35星][5m] [Py] dmaasland/mcfridafee
• [35星][2m] [C++] taviso/sharapi Simpsons: Hit & Run JavaScript API
• [31星][2m] [JS] fsecurelabs/android-keystore-audit
• [30星][1y] [JS] ioactive/bluecrawl Frida (Android) Script for extracting bluetooth information
• [30星][8m] [TS] igio90/frida-onload Frida module to hook module initializations on android
• [29星][7m] [Java] dineshshetty/fridaloader A quick and dirty app to download and launch Frida on Genymotion
• [29星][25d] [C++] frida/v8 Frida depends on V8
• [28星][2y] [JS] versprite/engage Tools and Materials for the Frida Engage Blog Series
• [27星][2y] [Py] androidtamer/frida-push Wrapper tool to identify the remote device and push device specific frida-server binary.
• [27星][6m] [C++] frida/frida-clr Frida .NET bindings
• [27星][2m] [JS] nowsecure/frida-uikit Inspect and manipulate UIKit-based GUIs through Frida.
• [26星][2m] [TS] chame1eon/jnitrace-engine Engine used by jnitrace to intercept JNI API calls.
• [25星][3m] [TS] woza-lab/woza [Deprecated]Dump application ipa from jailbroken iOS based on frida. (Node edition)
• [25星][2m] [Shell] virb3/magisk-frida
• [21星][4y] [JS] dweinstein/node-frida-contrib frida utility-belt
• [21星][28d] [JS] iddoeldor/mplus Intercept android apps based on unity3d (Mono) using Frida
• [21星][7m] [JS] nowsecure/frida-uiwebview Inspect and manipulate UIWebView-hosted GUIs through Frida.
• [20星][5y] [JS] frida/aurora Proof-of-concept web app built on top of Frida
• [19星][2y] [Py] notsosecure/dynamic-instrumentation-with-frida Dynamic Instrumentation with Frida
• [19星][7m] [JS] nowsecure/frida-screenshot Grab screenshots using Frida.
• [19星][7m] [JS] freehuntx/frida-mono-api All the mono c exports, ready to be used in frida!
• [19星][3m] [JS] cynops/frida-hooks
• [18星][3m] [Py] igio90/fridaandroidtracer Android application tracer powered by Frida
• [18星][23d] [Py] bannsec/revenge REVerse ENGineering Environment
• [16星][7m] [JS] nowsecure/frida-fs Create a stream from a filesystem resource.
• [14星][2m] [Java] igio90/snetkiller InHouse safetynet killer
• [14星][4m] [JS] woza-lab/woza-desktop [Deprecated]Desktop edition of command line tool woza
• [13星][5m] [JS] freehuntx/frida-inject This module allows you to easily inject javascript using frida and frida-load.
• [12星][1y] [JS] andreafioraldi/taint-with-frida just an experiment
• [12星][5y] [JS] frida/cloudspy Proof-of-concept web app built on top of Frida
• [11星][7m] [JS] nowsecure/mjolner Cycript backend powered by Frida.
• [11星][1y] [JS] rubaljain/frida-jb-bypass Frida script to bypass the iOS application Jailbreak Detection
• [10星][2y] [JS] random-robbie/frida-docker Dockerised Version of Frida
• [10星][2m] [Py] melisska/neomorph Frida Python Tool
• [9星][5m] [JS] lmangani/node_ssl_logger Decrypt and log process SSL traffic via Frida Injection
• [9星][5m] [Py] c3r34lk1ll3r/binrida Plugin for Frida in Binary Ninja
• [8星][2y] [Py] tinyniko/tweakdev WOWOWOWOOWOWOWOOWOOWOW
• [7星][5m] [C++] jaiverma/headshot headshot: Trainer(aimbot and esp) for Assault Cube on macOS
• [7星][7m] [JS] nowsecure/frida-panic Easy crash-reporting for Frida-based applications.
• [6星][7m] [JS] davuxcom/frida-scripts Inject JS and C# into Windows apps, call COM and WinRT APIs
• [6星][3y] [JS] frida/frida-load Load a Frida script comprised of one or more Node.js modules
• [6星][4m] [TS] nowsecure/frida-remote-stream Create an outbound stream over a message transport.
• [6星][1y] [JS] eybisi/fridascripts
• [4星][7m] [JS] nowsecure/frida-memory-stream Create a stream from one or more memory regions.
• [4星][3m] [JS] sipcapture/hepjack.js Elegantly Sniff Forward-Secrecy TLS/SIP to HEP at the source using Frida
• [3星][2m] [Py] margular/frida-skeleton This repository is supposed to define infrastructure of frida on hook android including some useful functions
• [3星][2y] [JS] myzhan/frida-examples Examples of using frida.
• [2星][1y] rohanbagwe/kick-off-owasp_webapp_security_vulnerabilities Want to keep your Web application from getting hacked? Here's how to get serious about secure apps. So let's do it! Open Friday, Aug 2016 - Presentation Notes.
• [1星][1y] [JS] ddurando/frida-scripts

<a id="f0b89493b077b82fb0b10fc56fca9faf"></a>其他工具交互

• [971星][1y] [Py] gaasedelen/lighthouse 从DBI中收集代码覆盖情况，在IDA/Binja中映射、浏览、查看
  • 重复区段: IntelPin->工具->其他工具交互 |
  • coverage-frida 使用Frida收集信息
  • coverage-pin 使用Pin收集覆盖信息
  • 插件 支持IDA和BinNinja
• [609星][1y] [Java] federicodotta/brida The new bridge between Burp Suite and Frida!
• [414星][1m] [JS] nowsecure/r2frida Radare2 and Frida better together.
• [131星][3y] [Py] friedappleteam/frapl 在Frida Client和IDA之间建立连接，将运行时信息直接导入IDA，并可直接在IDA中控制Frida
  • IDA插件
  • Frida脚本
• [86星][5y] [Py] techbliss/frida_for_ida_pro 在IDA中使用Frida, 主要用于追踪函数
• [35星][2m] [CSS] nowsecure/r2frida-book The radare2 + frida book for Mobile Application assessment
• [8星][5m] [Py] c3r34lk1ll3r/binrida Plugin for Frida in Binary Ninja

<a id="a1a7e3dd7091b47384c75dba8f279caf"></a>文章

• 2019.12 [sarang6489] Root Detection Bypass With Frida.
• 2019.12 [xakcop] Cloning RSA tokens with Frida
• 2019.11 [riusksk] Frida框架在Fuzzing中的应用
• 2019.11 [securify] Android Frida hooking: disabling FLAG_SECURE
• 2019.10 [freebuf] 使用Frida绕过Android App的SSL Pinning
• 2019.10 [securify] Automated Frida hook generation with JEB
• 2019.10 [sensepost] mettle your ios with frida
• 2019.09 [freebuf] Dwarf：一款基于Pyqt5和Frida的逆向分析调试工具
• 2019.06 [two06] Fun With Frida
• 2019.05 [nsfocus] 基于Frida进行通信数据“解密”
• 2019.05 [nsfocus] Frida应用基础及APP https证书验证破解
• 2019.05 [CodeColorist] Trace child process with frida on macOS
• 2019.05 [360] FRIDA脚本系列（四）更新篇：几个主要机制的大更新
• 2019.04 [ved] Hail Frida!! The Universal SSL pinning bypass for Android.
• 2019.04 [sensepost] recreating known universal windows password backdoors with Frida
• 2019.04 [securify] Frida Android libbinder
• 2019.03 [360] FRIDA脚本系列（三）超神篇：百度AI“调教”抖音AI
• 2019.03 [securityinnovation] Setting up Frida Without Jailbreak on the Latest iOS 12.1.4 Device
• 2019.02 [nowsecure] Frida 12.3 Debuts New Crash Reporting Feature
• 2019.01 [fuzzysecurity] Windows Hacking 之：ApplicationIntrospection & Hooking With Frida
• 2019.01 [fuping] 安卓APP测试之HOOK大法-Frida篇
• 2019.01 [360] FRIDA脚本系列（二）成长篇：动静态结合逆向WhatsApp
• 2019.01 [pediy] [原创]介召几个frida在安卓逆向中使用的脚本以及延时Hook手法
• 2018.12 [360] FRIDA脚本系列（一）入门篇：在安卓8.1上dump蓝牙接口和实例
• 2018.12 [pediy] [原创]CVE-2017-4901 VMware虚拟机逃逸漏洞分析【Frida Windows实例】
• 2018.12 [freebuf] 一篇文章带你领悟Frida的精髓（基于安卓8.1）
• 2018.12 [pediy] [原创] Frida操作手册-Android环境准备
• 2018.11 [4hou] 使用FRIDA为Android应用进行脱壳的操作指南
• 2018.11 [pediy] [原创]Frida Bypass Android SSL pinning example 1
• 2018.11 [secjuice] Getting Started With Objection + Frida
• 2018.11 [insinuator] 使用Frida转储进程中解密后的文档
• 2018.11 [BSidesCHS] BSidesCHS 2018: "Hacking Mobile Apps with Frida" by David Coursey
• 2018.11 [freebuf] Frida-Wshook：一款基于Frida.re的脚本分析工具
• 2018.11 [360] 如何使用FRIDA搞定Android加壳应用
• 2018.11 [ioactive] Extracting Bluetooth Metadata in an Object’s Memory Using Frida
• 2018.11 [fortinet] How-to Guide: Defeating an Android Packer with FRIDA
• 2018.10 [PancakeNopcode] r2con2018 - Analyzing Swift Apps With swift-frida and radare2 - by Malte Kraus
• 2018.10 [serializethoughts] Bypassing Android FLAG_SECURE using FRIDA
• 2018.09 [pediy] [原创]使用frida来hook加固的Android应用的java层
• 2018.09 [freebuf] Frida在爆破Windows程序中的应用
• 2018.08 [pediy] [翻译]通过破解游戏学习Frida基础知识
• 2018.07 [pediy] [原创]在windows搭建frida hook环境碰到问题
• 2018.07 [CodeColorist] 《基于 FRIDA 的全平台逆向分析》课件
• 2018.07 [serializethoughts] Frida, Magisk and SELinux
• 2018.07 [pediy] [翻译]在未root的设备上使用frida
• 2018.07 [pediy] [原创]进阶Frida--Android逆向之动态加载dex Hook（三）（下篇）
• 2018.07 [pediy] [原创]进阶Frida--Android逆向之动态加载dex Hook（三）（上篇）
• 2018.06 [pediy] [原创]frida源码阅读之frida-java
• 2018.06 [4hou] 利用Frida打造ELF解析器
• 2018.06 [pediy] [原创]关于android 微信 frida 使用技巧
• 2018.06 [pediy] [原创]初识Frida--Android逆向之Java层hook (二)
• 2018.06 [pediy] [原创]初识Frida--Android逆向之Java层hook (一)
• 2018.05 [pediy] [原创]Frida从入门到入门—安卓逆向菜鸟的frida食用说明
• 2018.05 [aliyun] Frida.Android.Practice (ssl unpinning)
• 2018.05 [infosecinstitute] Frida
• 2018.03 [pediy] [翻译]使用 Frida 逆向分析 Android 应用与 BLE 设备的通信
• 2018.03 [freebuf] Frida之Pin码破解实验
• 2018.02 [pentestpartners] Reverse Engineering BLE from Android apps with Frida
• 2018.02 [BSidesLeeds] Prototyping And Reverse Engineering With Frida by Jay Harris
• 2018.02 [libnex] Hunting for hidden parameters within PHP built-in functions (using frida)
• 2017.11 [pediy] [翻译]Frida官方手册中文版
• 2017.10 [pediy] [翻译]利用Frida绕过Certificate Pinning
• 2017.09 [PancakeNopcode] r2con 2017 - Intro to Frida and Dynamic Machine Code Transformations by Ole Andre
• 2017.09 [PancakeNopcode] r2con2017 - r2frida /by @mrmacete
• 2017.09 [pediy] [原创] 如何构建一款像 frida 一样的框架
• 2017.08 [360] 如何利用Frida实现原生Android函数的插桩
• 2017.08 [notsosecure] 如何动态调整使用 Android 的NDK 编写的代码，即：使用 Frida Hook C/ C++ 开发的功能。
• 2017.08 [freebuf] Brida：使用Frida进行移动应用渗透测试
• 2017.08 [freebuf] 利用Frida从TeamViewer内存中提取密码
• 2017.08 [360] 联合Frida和BurpSuite的强大扩展--Brida
• 2017.08 [4hou] Brida:将frida与burp结合进行移动app渗透测试
• 2017.07 [mediaservice] Brida 实战
• 2017.07 [360] 使用Frida绕过Android SSL Re-Pinning
• 2017.07 [mediaservice] 使用 Frida 绕过 AndroidSSL Pinning
• 2017.07 [4hou] objection - 基于 Frida 的 iOS APP Runtime 探测工具
• 2017.07 [koz] 无需 Root 向 AndroidApp 中注入原生库（例如 Frida）
• 2017.06 [360] 利用FRIDA攻击Android应用程序（四）
• 2017.06 [fitblip] Frida CodeShare: Building a Community of Giants
• 2017.05 [freebuf] 如何在iOS应用程序中用Frida来绕过“越狱检测”?
• 2017.05 [4hou] Android APP破解利器Frida之反调试对抗
• 2017.05 [360] 如何使用Frida绕过iOS应用的越狱检测
• 2017.05 [4hou] Frida：一款可以绕过越狱检测的工具
• 2017.05 [pediy] [翻译]多种特征检测 Frida
• 2017.05 [attify] 如何使用Frida绕过iOS应用的越狱检测
• 2017.05 [pediy] [翻译]OWASP iOS crackme 的教程：使用Frida来解决
• 2017.05 [attify] Bypass Jailbreak Detection with Frida in iOS applications
• 2017.05 [pediy] [翻译]用Frida来hack 安卓应用III—— OWASP UNCRACKABLE 2
• 2017.05 [360] 利用FRIDA攻击Android应用程序（三）
• 2017.04 [codemetrix] Hacking Android apps with FRIDA III - OWASP UnCrackable 2
• 2017.04 [4hou] 安卓APP破解利器Frida之破解实战
• 2017.04 [4hou] 安卓APP破解利器之FRIDA
• 2017.04 [koz] 不用Root就可以在安卓上使用Frida。
• 2017.04 [pediy] [翻译]使用Frida来hack安卓APP（二）-crackme
• 2017.04 [fuping] Android HOOK 技术之Frida的初级使用
• 2017.03 [pediy] [翻译] 使用Frida来hack安卓APP（一）
• 2017.03 [360] 利用FRIDA攻击Android应用程序（二）
• 2017.03 [360] 利用FRIDA攻击Android应用程序（一）
• 2017.03 [notsosecure] 使用 Frida 审计安卓App和安全漏洞
• 2017.03 [codemetrix] 使用Frida Hack安卓App（Part 2）
• 2017.03 [codemetrix] 使用Frida Hack安卓App（Part 1）
• 2017.01 [freebuf] 使用Frida配合Burp Suite追踪API调用
• 2016.09 [PancakeNopcode] r2con 2016 -- oleavr - r2frida
• 2016.09 [n0where] RunPE Extraction Tool: FridaExtract
• 2015.11 [crackinglandia] Anti-instrumentation techniques: I know you’re there, Frida!
• 2014.08 [3xp10it] frida用法
• 2014.08 [3xp10it] frida用法
• 2014.08 [3xp10it] frida开启ios app签名服务
• 2014.02 [silentsignal] From Read to Domain Admin – Abusing Symantec Backup Exec with Frida

<a id="8abff248f7dd0b63fde24de6fc9a87b8"></a>Valgrind

<a id="c5b612f014bbeb313c6e2b80cc5cafe3"></a>工具

• [188星][26d] [Py] angr/pyvex Python bindings for Valgrind's VEX IR.
• [152星][1m] [C] wmkhoo/taintgrind A taint-tracking plugin for the Valgrind memory checking tool
• [128星][9y] [C] agl/ctgrind Checking that functions are constant time with Valgrind
• [35星][8m] [C] pmem/valgrind Enhanced Valgrind for Persistent Memory
• [29星][11y] [C] dmolnar/smartfuzz Valgrind extension for whitebox fuzz testing
• [7星][2m] [C] yugr/valgrind-preload LD_PRELOAD-able library which runs all spawned processes under Valgrind.
• [6星][1m] [C] kristerw/deadstores A Valgrind tool for finding redundant loads/stores
• [0星][2y] [C] daveti/valgrind Valgrind hacking from daveti
• [0星][2y] [C] daveti/valtrap valgrind trapdoor

<a id="ac878aff7e9b69738d83059912f2ba07"></a>文章

• 2018.07 [davejingtian] Hacking Valgrind
• 2017.03 [csyssec] 如何使用Valgrind memcheck工具进行C/C++的内存漏洞检测
• 2015.05 [Roland] 使用Valgrind找出Android中Native程序内存泄露问题
• 2012.08 [dndxhej] linux下valgrind的使用概述
• 2010.07 [jinzhuojun] 性能优化工具gprof & 内存检测工具Valgrind 用法
• 2008.06 [kesalin] Valgrind--Linux下的内存调试和代码解剖工具

<a id="b2fca17481b109a9b3b0bc290a1a1381"></a>QBDI

<a id="e72b766bcd3b868c438a372bc365221e"></a>工具

• [589星][1y] [C++] qbdi/qbdi A Dynamic Binary Instrumentation framework based on LLVM.

<a id="2cf79f93baf02a24d95d227a0a3049d8"></a>文章

• 2019.09 [quarkslab] QBDI 0.7.0
• 2019.07 [freebuf] 教你如何使用QBDI动态二进制检测框架
• 2019.06 [quarkslab] Android Native Library Analysis with QBDI
• 2018.01 [quarkslab] Slaying Dragons with QBDI
• 2018.01 [pentesttoolz] QBDI – QuarkslaB Dynamic binary Instrumentation
• 2018.01 [n0where] QuarkslaB Dynamic binary Instrumentation: QBDI

<a id="8e50e0c1c90258367f1095c61a7f4b82"></a>ADBI

<a id="74096de3c5933b67a9fe313f1afbbb6a"></a>工具

• [1057星][5y] [C] crmulliner/adbi Android Dynamic Binary Instrumentation Toolkit
• [429星][4y] [Makefile] mindmac/androideagleeye An Xposed and adbi based module which is capable of hooking both Java and Native methods targeting Android OS.

<a id="e39eb06761c41f7534a142e5ffb1dcc4"></a>文章

• 2014.06 [Roland] Android平台下hook框架adbi的研究（下）
• 2014.06 [Roland] Android平台下hook框架adbi的研究（上）

<a id="6f79d6b2aa9f3d2daa8629c565f44269"></a>DBA

<a id="c9b96059b34d508fdb2c202895518fbd"></a>Triton

<a id="1dd4818bf0c90f6c2244362dc1ae1d89"></a>工具

• [1433星][24d] [C++] jonathansalwan/triton DBA框架，内置：动态符号执行引擎、动态污点引擎、AST（x86, x86-64, AArch64）指令集，SMT simplification passes, an SMT solver interface，Python绑定
• [61星][3y] [Py] cifasis/nosy-newt Nosy Newt is a simple concolic execution tool for exploring the input space of a binary executable program based in Triton
• [24星][1y] [Py] cosine0/amphitrite Symbolic debugging tool using JonathanSalwan/Triton
• [24星][7m] [Py] jonathansalwan/x-tunnel-opaque-predicates IDA+Triton plugin in order to extract opaque predicates using a Forward-Bounded DSE. Example with X-Tunnel.
• [17星][5m] [Py] macaron-et/wasabi-aeg Yet another implementation of AEG (Automated Exploit Generation) using symbolic execution engine Triton.
• [2星][5m] [Pascal] pigrecos/triton4delphi The Triton - Dynamic Binary Analysis (DBA) framework - by JonathanSalwan binding for Delphi

<a id="c941c67d2b508750b93e88709fd02ebf"></a>文章

• 2019.05 [aliyun] Triton 学习 - pintool 篇
• 2019.05 [aliyun] Triton 学习
• 2018.05 [360] DEFCON CHINA议题解读 | Triton和符号执行在 GDB 上
• 2018.02 [HITCON] [HITCON CMT 2017] R0D202 - 陳威伯 - Triton and Symbolic execution on GDB
• 2017.09 [PancakeNopcode] r2con2017 - Pimp my Triton
• 2017.09 [quarkslab] Mistreating Triton
• 2017.04 [0x48] Triton学习笔记(三)
• 2017.04 [0x48] Triton学习笔记(三)
• 2017.04 [0x48] Triton学习笔记(二)
• 2017.04 [0x48] Triton学习笔记(二)
• 2017.04 [0x48] Triton学习笔记(一)
• 2017.04 [0x48] Triton学习笔记(一)
• 2015.06 [quarkslab] Triton under the hood

<a id="6926f94dd30bc88e4dc975e56f0323dc"></a>Manticore

<a id="9d452bb3dd68a493fb3c20a9d884dd38"></a>工具

• [1867星][26d] [Py] trailofbits/manticore 动态二进制分析工具，支持符号执行（symbolic execution）、污点分析（taint analysis）、运行时修改。
• [42星][1m] [Py] trailofbits/manticore-examples Example Manticore scripts

<a id="aa7c141a83254ef421b081143f4a0f9f"></a>文章

• 2020.01 [trailofbits] Symbolically Executing WebAssembly in Manticore
• 2019.07 [arxiv] [1907.03890] Manticore: A User-Friendly Symbolic Execution Framework for Binaries and Smart Contracts
• 2019.06 [trailofbits] Announcing Manticore 0.3.0
• 2019.01 [trailofbits] Symbolic Path Merging in Manticore
• 2017.06 [n0where] Dynamic Binary Analysis Tool: Manticore
• 2017.05 [4hou] Manticore：次世代二进制分析工具

<a id="86fb610cf955224352160b14171bfa86"></a>工具

• [644星][1y] [Go] lunixbochs/usercorn 通过模拟器对二进制文件进行动态分析
• [50星][1y] [Py] hrkfdn/deckard Deckard performs static and dynamic binary analysis on Android APKs to extract Xposed hooks

<a id="b6c6d6f1813166e14d971dd448a3f158"></a>文章

• 2013.03 [guidovranken] Dynamic binary analysis using myrrh

<a id="5a9974bfcf7cdf9b05fe7a7dc5272213"></a>其他

<a id="104bc99e36692f133ba70475ebc8825f"></a>工具

• [272星][4y] [C] samsung/adbi Android Dynamic Binary Instrumentation tool for tracing Android native layer
• [187星][2y] [C++] sidechannelmarvels/tracer Set of Dynamic Binary Instrumentation and visualization tools for execution traces.
• [173星][1m] [C] beehive-lab/mambo ARM运行时二进制文件修改工具，低耗版。
• [109星][2y] [C++] joxeankoret/membugtool A DBI tool to discover heap memory related bugs
• [77星][3y] [Py] carlosgprado/brundlefuzz BrundleFuzz is a distributed fuzzer for Windows and Linux using dynamic binary instrumentation.
• [71星][22d] [Py] birchjd/piobdii ODBII graphic interface on a Raspberry Pi computer, using an ELM327 Bluetooth/USB device. Read and display engine data, OBDII Trouble Codes & Descriptions Using Python. YouTube video:
• [60星][2y] [C] zhechkoz/pwin Security Evaluation of Dynamic Binary Instrumentation Engines
• [36星][2y] [C++] fdiskyou/dbi Files for
• [18星][7y] [C] pleed/pyqemu Dynamic binary instrumentation based crypto detection framework. Implementation of
• [6星][4y] [C++] crackinglandia/exait-plugins Anti-Dynamic binary instrumentation plugins for eXait (

<a id="8f1b9c5c2737493524809684b934d49a"></a>文章

• 2018.08 [4hou] 动态二进制插桩的原理和基本实现过程（一）
• 2018.07 [deniable] Dynamic Binary Instrumentation Primer
• 2017.11 [rootedconmadrid] Ricardo J. Rodríguez - Mejora en el Proceso de Desempacado usando Técnicas DBI [RootedCON 2012]
• 2017.05 [yurichev] 30-May-2017: Using PIN DBI for XOR interception
• 2013.12 [corelan] Using DBI for solving Reverse Engineering 101 – Newbie Contest from eLearnSecurity
• 2012.04 [talosintelligence] Prototyping Mitigations with DBI Frameworks

贡献

内容为系统自动导出, 有任何问题请提issue