gwen001
commented
2 months ago Issue correctly handled, tool is waiting for human validation.
Closed gwen001 closed 2 months ago
gwen001
commented
2 months ago Issue correctly handled, tool is waiting for human validation.
gwen001
commented
2 months ago Tool has been accepted by the team: https://offsec.tools/tool/qbindiff
Thank you for your contribution!
[tags]binaries,utils[/tags] [short_descr]Experimental binary diffing tool addressing the diffing as a aetwork alignement quadratic problem.[/short_descr] [link] https://diffing.quarkslab.com [/link] [link] https://github.com/quarkslab/qbindiff [/link] [long_descr] Bindiff is great, no doubt about it, but we have no control on the diffing process. Also, it works great on standard binaries but it lacks flexibility on some corner-cases (embedded firmwares, diffing two portions of the same binary etc...).
A key idea of QBinDiff is enabling tuning the diffing programmatically by:
In essence, the idea is to be able to diff by defining its own criteria which sometimes, is not the control-flow and instructions but could for instance, be data-oriented.
Last, QBinDiff as primarily been designed with the binary-diffing use-case in mind, but it can be applied to various other use-cases like social-networks. Indeed, diffing two programs boils down to determining the best alignment of the call graph following some similarity criterion.
Indeed, solving this problem is APX-hard, that why QBinDiff uses a machine learning approach (more precisely optimization) to approximate the best match.
Like Bindiff, QBinDiff also works using an exported disassembly of program obtained from IDA. Originally using BinExport, it now also support Quokka as backend, which extracted files, are more exhaustive and also more compact on disk (good for large binary dataset). [/long_descr] [image] https://raw.githubusercontent.com/gwen001/offsectools_www/main/tmp/6cf5a39e279cc1240cd3a38bd0774d9f.png [/image]