Skip to content
/ OpenSAW Public

OpenSAW is a framework that uses concolic execution to find bugs in compiled programs."

License

View license
6 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

EricssonResearch/OpenSAW

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
dev
dev
 
 
docs
docs
 
 
tools
tools
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

OpenSAW

OpenSAW stands for Open Security Analysis Workbench, and is a framework for building systems that use concolic execution to find bugs in compiled programs. OpenSAWs main feature is that it allows users to quickly start developing and testing their own bug-finding search strategies. OpenSAW is written in Python and allows the concolic execution engine to be replaced easily, letting users test how well their own concolic execution implementation performs in comparison with others.

Setup

See docs/SETUP.md

Usage

WARNING: Do not run OpenSAW on malicious code. The executable you provide is executed with the same permissions as OpenSAW.

Running OpenSAW on a binary is trivial in the OpenSAW virtual machine.
After you are connected to the machine, run the following command

python2.7 -m opensaw -i <initial_input> -- <executable> [arguments, {} is replaced by input filename]

to launch OpenSAW on <executable> that takes a single file as input argument. OpenSAW will start with passing the file defined by <initial_input> to the program and then proceed to generate new inputs based on the trace created by this execution.

To start the standalone GUI monitoring the progress, start the program OpenSAW/dev/gui/main.py.

See docs/Using OpenSAW.md for more details and information on how to track progress.

Building your own search strategy

One of the great features with OpenSAW is that it lets users quickly get their hands dirty and experiment with new bug-finding search strategies. This is done by extending an existing search strategy or writing a new one. Descriptions of existing search strategies and also instructions on how to write your own can be found in docs/Strategies.md

Repository Structure

OpenSAW/
  dev/             : development files
    coverage/      : OpenSAW's test coverage (generated by make)
    documentation/ : OpenSAW's documentation (generated by make)
    opensaw/       : OpenSAW, the main application
    gui/           : Standalone GUI
    test/          : test programs
    pintool/       : code for the pintool, both cgc and linux/i383 version.
  docs/            : documentation
  tools/           : required tools and scripts
                     (BAP and PIN installation archives and compiled iltrans and pintool)

About

OpenSAW is a framework that uses concolic execution to find bugs in compiled programs."

Resources

Readme

License

View license
Activity
Custom properties

Stars

6 stars

Watchers

9 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages