Awesome

Binja Sibyl

A Miasm2 + binaryninja based function divination.

What it does

Sybil is a tool to recognize standard functions based on their side effects. For a detailed introduction see Sybil's README.

Screenshot

Options

• Function prefix: a prefix to prepend to the function name after it has been recognized (e.g.: prefix_strlen).
• Function selector: whether to apply the analysis to unknown functions (starting with sub_) or every funtion.
• Add comment: whether to add a comment at the top of the function. Useful to keep in mind that the function name might be wrong (Sibyl can give false positives).

Speed

Currently, Binja Sibyl uses a single thread so, as of now, it's slower than running Sibyl manually.

Props

Shout out to Camille MOUGEY, the author of Sibyl. The underlying idea is pretty clever.