Skip to content
forked from columbia/egalito

Self-hosting binary instrumentation framework for security research

License

Notifications You must be signed in to change notification settings

desenSun/egalito

 
 

Repository files navigation

Egalito is a binary recompiler, designed for implementing security hardening.
It uses a low-level intermediate representation (EIR or Chunk) that accurately
reflects all aspects of a program binary. Egalito uses metadata present in
modern position-independent binaries to turn all cross-references into EIR
Links, allowing code to be arbitrarily rearranged without additional overhead.
Output generation in the form of ELFs or union ELFs is supported, and Egalito
provides a custom loader that allows it to bootstrap into a fully self-hosted
environment (parsing and transforming libegalito.so).

Egalito supports x86_64 and aarch64, with experimental support for RISC-V.

For more information, please visit: https://egalito.org

To build:
$ sudo apt-get install make g++ libreadline-dev gdb lsb-release unzip
$ sudo apt-get install libc6-dbg libstdc++6-7-dbg  # names may differ
$ git submodule update --init --recursive
$ make -j `nproc`

To test, try:
$ cd test/codegen && make && cd -
$ cd app && ./etelf -m ../src/ex/hello hello && ./hello && cd -
$ cd src && ./loader ex/hello && cd -
$ cd app && ./etshell

Other extensions:
- Python bindings and Python shell: see app/README-python
- Docker: see test/docker/README.md

About

Self-hosting binary instrumentation framework for security research

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • C++ 93.5%
  • C 1.7%
  • Makefile 1.4%
  • Shell 0.9%
  • Perl 0.9%
  • Assembly 0.8%
  • Other 0.8%