I want to get the system call graph of the executable. Is this option available? I know -dcallgraph can get the call graph. #1372

Closed
lkpama opened this issue Nov 22, 2021 · 4 comments


lkpama commented Nov 22, 2021

No description provided.

Member

ivg commented Nov 22, 2021

Can you please define what you mean by the "system call graph"?

Author

lkpama commented Nov 23, 2021

> Can you please define what you mean by the "system call graph"?

In fact, I want to get system calls, not all calls, like NtCreateFile, NtOpenFile, GetModuleHandle, etc.

Member

ivg commented Nov 30, 2021

Typically, those calls are not made by a binary but by the corresponding system libraries that are linked by the binary, so you won't see them. If you analyze the system libraries directly, you might see them, with encodings that depend on that binary and OS, e.g., they could be encoded as function calls or as CPU exceptions (CpuExn).
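
The point made in the comment above, as an added example that is not part of the original thread and is not BAP code: a byte-pattern scan over two constructed x86-64 snippets shows that application code reaches the OS through an indirect call into an import slot, while the trap instruction sits in the system-library stub. The byte strings, the syscall number and the function names are assumptions made for illustration, and a raw pattern scan like this can produce false positives on real binaries because it does not disassemble.

```python
import struct

# Constructed x86-64 machine code (not taken from any real binary).
# Application function:
#   sub rsp,0x28 ; call qword ptr [rip+0x1000] ; add rsp,0x28 ; ret
APP_CODE = bytes.fromhex("4883ec28" "ff1500100000" "4883c428" "c3")
# System-library style stub (syscall number 0x55 is a constructed value):
#   mov r10,rcx ; mov eax,0x55 ; syscall ; ret
LIB_STUB = bytes.fromhex("4c8bd1" "b855000000" "0f05" "c3")

# Instructions that transfer control to the kernel.
TRAPS = ((b"\x0f\x05", "syscall"), (b"\xcd\x80", "int 0x80"), (b"\x0f\x34", "sysenter"))


def find_syscall_sites(code, window=16):
    """Return sorted (offset, mnemonic, eax_value_or_None) for each trap found."""
    sites = []
    for pattern, name in TRAPS:
        pos = code.find(pattern)
        while pos != -1:
            number = None
            # Look back a few bytes for the nearest `mov eax, imm32` (b8 imm32),
            # which is where the syscall number is normally loaded.
            idx = code.rfind(b"\xb8", max(0, pos - window), pos)
            if idx != -1 and idx + 5 <= pos:
                number = struct.unpack_from("<I", code, idx + 1)[0]
            sites.append((pos, name, number))
            pos = code.find(pattern, pos + 1)
    return sorted(sites)


def count_import_calls(code):
    """Count `call qword ptr [rip+disp32]` (ff 15), the usual import-slot call."""
    return code.count(b"\xff\x15")


if __name__ == "__main__":
    for label, code in (("application", APP_CODE), ("library stub", LIB_STUB)):
        print(label, "traps:", find_syscall_sites(code),
              "import calls:", count_import_calls(code))
```
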

Member

ivg commented Dec 7, 2021

Feel free to drop by our gitter channel for further discussion. https://gitter.im/BinaryAnalysisPlatform/bap

ivg closed this as completed Dec 7, 2021