Yes, we have the dynamic (using micro-execution) taint analysis engine, you can run it on an executable ./exe with
bap ./exe --run --run-system=taint-analyzer
The analyzer will run the binary using microexecution and propagate taint. You can define your own policies (aka analysis), using Primus Lisp. Some of the example policy specifications (for you to get the general idea) could be found here or here. You're welcome to join our Gitter channel for more in-depth and detailed discussion.
ivg
commented
2 years ago
Yes, we have the dynamic (using micro-execution) taint analysis engine, you can run it on an executable
./exewithThe analyzer will run the binary using microexecution and propagate taint. You can define your own policies (aka analysis), using Primus Lisp. Some of the example policy specifications (for you to get the general idea) could be found here or here. You're welcome to join our Gitter channel for more in-depth and detailed discussion.