blob: 8854e887341f29485fbce651e1e1ff22a1b2dce6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
post_install() {
printf "%b\n" "$vivisect"
}
read -d '' vivisect <<'EOF'
=== Vivisect / Vdb / Vtrace
Now all as one project! ( made sense once vivisect went public )
For more in-depth docs on various topics, see the wiki at
http://visi.kenshoto.com/
=== Vdb
As in previous vdb releases, the command "python vdbbin" from the
checkout directory will drop you into a debugger prompt on supported
platforms. ( Windows / Linux / FreeBSD / OSX... kinda? )
Commands in vdb grow/refine quickly, so use in-line help such as:
vdb> help
or...
vdb> help writemem
to show available commands and options. Additionally, for basic vdb use,
the wiki at http://visi.kenshoto.com/
=== Vivisect
Fairly un-documented static analysis / emulation / symbolik analysis
framework for PE/Elf/Mach-O/Blob binary formats on various architectures.
To start with, you probably want to run a "bulk analysis" pass on a
binary using:
python vivbin -B <binaryfile>
which will leave you with <binaryfile>.viv
Then run:
python vivbin <binaryfile>.viv
to open the GUI and begin reverse engineering. As with most vtoys,
the ui relies fairly heavily on right-click context menus and various
memory views.
For the binary ninjas, all APIs used during automatic analysis ( and
several that aren't ) are directly accessible for use writing your own
custom research tools... The interface should be nearly the same when
dealing with a real process ( via vdb/vtrace ) and dealing with an
emulator / viv workspace.
EOF
|