Skip to content

OpenSAW is a framework that uses concolic execution to find bugs in compiled programs

License

Notifications You must be signed in to change notification settings

pjlantz/OpenSAW

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

OpenSAW

OpenSAW stands for Open Security Analysis Workbench, and is a framework for building systems that use concolic execution to find bugs in compiled programs. OpenSAWs main feature is that it allows users to quickly start developing and testing their own bug-finding search strategies. OpenSAW is written in Python and allows the concolic execution engine to be replaced easily, letting users test how well their own concolic execution implementation performs in comparison with others.

Setup

See docs/SETUP.md

Usage

WARNING: Do not run OpenSAW on malicious code. The executable you provide is executed with the same permissions as OpenSAW.

Running OpenSAW on a binary is trivial in the OpenSAW virtual machine.
After you are connected to the machine, run the following command

python2.7 -m opensaw -i <initial_input> -- <executable> [arguments, {} is replaced by input filename]

to launch OpenSAW on <executable> that takes a single file as input argument. OpenSAW will start with passing the file defined by <initial_input> to the program and then proceed to generate new inputs based on the trace created by this execution.

To start the standalone GUI monitoring the progress, start the program OpenSAW/dev/gui/main.py.

See docs/Using OpenSAW.md for more details and information on how to track progress.

Building your own search strategy

One of the great features with OpenSAW is that it lets users quickly get their hands dirty and experiment with new bug-finding search strategies. This is done by extending an existing search strategy or writing a new one. Descriptions of existing search strategies and also instructions on how to write your own can be found in docs/Strategies.md

Repository Structure

OpenSAW/
  dev/             : development files
    coverage/      : OpenSAW's test coverage (generated by make)
    documentation/ : OpenSAW's documentation (generated by make)
    opensaw/       : OpenSAW, the main application
    gui/           : Standalone GUI
    test/          : test programs
    pintool/       : code for the pintool, both cgc and linux/i383 version.
  docs/            : documentation
  tools/           : required tools and scripts
                     (BAP and PIN installation archives and compiled iltrans and pintool)

About

OpenSAW is a framework that uses concolic execution to find bugs in compiled programs

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C++ 80.7%
  • Python 17.1%
  • JavaScript 0.7%
  • Makefile 0.4%
  • C 0.4%
  • HTML 0.2%
  • Other 0.5%