can we extend capabilities of Uroboros for Windows PE executables?

s3team / uroboros

Infrastructure for Reassembleable Disassembling and Transformation

187 stars 56 forks source link

can we extend capabilities of Uroboros for Windows PE executables? #11

Open cengineer opened 4 years ago

cengineer commented 4 years ago

I would like to use Uroboros reassembleable disassembling technique for Windows executable files(exe,dll). can / use Uroboros instead of Mcsema framework?

ajaymas commented 4 years ago

Currently, Uroboros supports only 32-bit and 64-bit ELF executable binaries. If you like to extend Uroboros for PE binaries you can use it. Uroboros presently implemented to reassembleable disassembled binaries and perform the instrumentation on the stripped binaries. McSema is an opensource industry tool that accepts both PE and ELF binary and lifts to the LLVM-bitcode / IR further the lifted bitcode is converting back to binary.

dinghaowu commented 4 years ago

Yes, you are very welcome to extend Uroboros for PE binaries. We'll post a license that allows you to extend Uroboros.