Universal disassembly generation and processing for JARV1S/Kam1n0
The package will detect if IDA Pro is available in the path. If not, it will download and use Ghidra.
Required: Python 3+. [Optional: OpenJDK 13+]
# install from github:
pip install git+https://github.com/L1NNA/JARV1S-Ghidra@master
# install from offline installer:
python jvd_installer_windows.zipExample:
jvd binary_file_to_decompileBatch mode: (process files end with .o in the bins folder)
jvd bins --ext=.oIf IDA Pro is not in the path, Ghidra jar will be downloaded and installed.
If not using the offline installer, during the first run, the required jar and JDK will be downloaded to ~/jv-dependences if needed.
Options:
usage: jvd <file> [options]
โโ โโ โโโโโโโ โโโโโโโ โโโโโโโโโ
โโโ โโโ โโโโโโโโโ โโโโโโโโโ โโโ โโโ
โโโ โโโโ โโโ โโโ โโโ โโโ โโโ โโโ
โโโ โโโโ โโโ โโโ โโโ โโโ โโโ โโโ
โโโ โโโโ โโโ โโโ โโโ โโโ โโโโโโโโโโโโ
โโโ โโโ โโโ โโโ โโโ โโโ โโโ โโโ
โโโโ โ โโโ โโโ โโโ โโโ โโโ โโโ โโโ
โโโโโโโโโ โโ โโ โโ โโ โโ โโโ โโ
by โ
positional arguments:
file The binary file or the targeted path. (default: None)
optional arguments:
-h, --help show this help message and exit
--ext If the input is a folder, the file extension to
include. Default is all the files. Empty string will
select files without any `.`. (default: None)
Gobal commands and toggles:
--unpack Unpack before disassembling. (default: False)
--cleanup Clean up the temporary folders. (default: False)
--verbose {-1,0,1,2}
--make Make the installer for offline usage. (default: False)
Disassembling and decompilation:
--dis Disassemble all the applicable files. (default: False)
--dis-backend {ghidra}
The disassembler (default: ghidra)
--dis-decompile Decomiple the code (if IDA is chosen as disassembler,
it will use Ghidra to decompile and merge. (default:
False)
--dis-capa Analyze by capa (default: False)
Vex IR code extraction and symbolic execution:
--vex Extract vex code and execution path. (default: False)
--vex-tracelet For vex processing, extract tracelet (>0) rather than
full execution paths (-1). (default: -1)
--vex-loop Maximum bound of loops in symbolic execution (default:
2)
--vex-overlap The tracelets overlap each other. (default: False)
Source code processing:
--src Extract AST/CPGs from a source file or a folder.
(default: False)
--src-lang {cpp,c,python,java}
The source code language. (default: c)
Packed binaries will be unapcked (in order) by:
- p7zip (zip, rar, tar, gzip, etc)
- upx (original version)
- un{i}packer
- ASPack: Advanced commercial packer with a high compression ratio
- FSG: Freeware, fast to unpack
- MEW: Specifically designed for small binaries
- MPRESS: Free, more complex packer
- PEtite: Freeware packer, similar to ASPack
- UPX: Cross-platform, open source packer (including modified UPX)
- Steven Ding - Queen's Computing
- Litao Li - Queen's Computing
- Christopher Bennett - Carleton University
- Miguel Garzon - University of Ottawa, Bell Canada
git+https://github.com/L1NNA/JARV1S-Ghidra@master
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent