zynamics BinNavi 惡意程式分析軟體
zynamics BinNavi is the world's first debugging system based on directed graphs and graph visualization.
BinNavi 2.0 introduces many cool new features. There is a completely new GUI which makes it easier to work with disassembled files stored in BinNavi databases. All disassembled files in BinNavi databases can now be accessed from the main window. Different files can be combined into projects that can be used to analyze and debug multiple disassembled files and the interaction between them. Think of having one EXE file and multiple DLL files in one project for example.
zynamics BinNavi can:
- Display, layout, color and edit call hierarchies to clarify dependencies
- Navigate execution to a certain location in the code to prove/disprove hypothetical vulnerabilities
- Assist in crafting input to reach given code locations
- Interactively explore the structure of the program
- Run Python-scripts to automate reverse engineering tasks
- Debug on many different platforms: Win32, Linux, Cisco IOS, ScreenOS etc.
With our release of zynamics BinNavi v1.2, many important features have been added:
- Open Database Format: zynamics BinNavi now stores all data in a MySQL database in a convenient and flexible format. This facilitates the sharing of disassembly results amongst multiple users, data management and backup.
- Integrated Python Interpreter: zynamics BinNavi allows access to the entire disassembly, all callgraph and flowgraph structures, the memory and registers of the debugged process and much more from the convenience of an integrated Python command line
- Availability of the zynamics BinNavi GDB agent allows debugging on any platform that supports the gdb serial protocol. This includes most UNIXes and network embedded devices such as Cisco routers and Netscreen VPN appliances.
Please see the flash movies at the [BinNavi Flash Page] to get a better impression zynamics BinNavi's capabilities.
zynamics BinNavi consists of a Java-based GUI and several small debug clients for different platforms. zynamics BinNavi allows you to:
- Simultaneously set breakpoints on all known functions to see coverage and normal program flow
- Visualize and replay program execution
- Edit, move, and color nodepaths and nodes in the code flow path to aid in program understanding
Currently supported platforms (for the debugger) are Win32/x86 and Linux/x86 (ptrace). A WinCE/ARM debugger is experimental and is available (but sometimes buggy) upon request. The GUI is in pure Java and has been successfully tested on Windows, MacOS X and Linux.
We are also proud to offer the zynamics BinNavi GDB Agent, which allows debugging on any platform that speaks the GDB serial protocol in a dialect that we can deal with. The zynamics BinNavi GDB agent has been successfully tested under the following platforms:
- Linux x86
- FreeBSD x86
- Cisco IOS (PowerPC)
- Netscreen ScreenOS (PowerPC)