Triton
Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
Closes #1162
Hello! I could not find a way to pass additional arguments to instrumentation callbacks (e.g. get/set concrete memory). Usually I do it with bind: ``` api.addCallback(triton::callbacks::callback_e::GET_CONCRETE_MEMORY_VALUE, std::bind(&my_class::read_memory_cb, this, std::placeholder::_01, std::placeholder::_02);...
When processing a trace with millions of instructions, memory is quickly used up for storing symbolic expressions. It would be nice to have a feature to offload these expressions to an on-disk...
Illustrated below, `cmovne eax,DWORD PTR ds:0x100` is skipped because the condition is false, yet Triton still calls the operand callbacks. ```py import opcode from triton import * ctx = TritonContext()...
Currently in the MOVQ semantics: ```cpp auto op1 = this->symbolicEngine->getOperandAst(inst, dst); ``` This line always triggers a memory read callback for the dst operand, even if the dst is memory...
This refers to #1144. ### Pending tasks - [ ] LLVM support (WIP: Linux and MacOS ok) - [ ] Bitwuzla support (WIP: Linux and MacOS ok) - [x] ~~Artifacts...
When I'm in a read memory callback, for example, I want to set the concrete memory value without triggering the memory write callback I registered. It would be useful if the...
I don't like the current taint analysis, I will probably rewrite the taint engine. If you have some recommendations / discussion, feel free to comment on this thread. Other threads taking...