Additional Material for the RevEngE (Reverse Engineering Engine) paper.
RevEngE was developed by Marcus Botacin and Lucas Galante, under supervision of Paulo de Geus and André Grégio.
Explore debugging extensions and malware decompilation capabilities based on dynamic GDB debugging sessions.
- bins: Stores decompiled binary files.
- sources: Stores decompiled source files.
- src: Stores RevEngE's introspection routines (optional).
- tests: Stores RevEngE's test-case files.
- paper: Contains the white paper.
Source the install script (notice: it might install packages on your system!):
source install.sh
Compile test files:
chmod +x tests/compile_tests.sh
./tests/compile_tests.sh
Test functionalities:
$ gdb <binary>
(gdb) revtest
Upon starting RevEngE, you should see this screen:
If you need help to learn new commands, just type:
You can perform a fully automated execution and decompilation analysis by typing:
- The paper "RevEngE is a dish served cold: Debug-Oriented Malware Decompilation and Reassembly" was published in the Reversing and Offensive-oriented Trends Symposium 2019 (ROOTS).
- The slides for the ROOTS paper are available in this repository.
- The paper "Extensões de Engenharia Reversa para o GDB" was published in the XIX SBSEG.