Skip to content
/ SEA Public

Symbolic Exploit Assistant (SEA) is a tool to help to create exploits of binary programs

Notifications You must be signed in to change notification settings

zhanif3/SEA

Repository files navigation

Description

"Symbolic Exploit Assistant" ( SEA ) is a small tool designed to assist the discovery and construction of exploits in binary programs. SEA is open source (GPL3) and is developed in colaboration between the research institutes CIFASIS (Rosario, Argentina) and VERIMAG (Grenoble, France) in an effort to improve security in binary programs.

Quick Start

To get started, you should have Python 2.7. To prepare the tool, the official Z3 Python binding (z3py) should be installed. Fortunately, just executing boostrap.sh will download and compile z3py.

After it finishes compiling, SEA is ready to be used. You can test SEA analyzing the converted code of the first example of Gera's Insecure Programming:

./SEA.py tests/reil/stack1_gcc.reil

The complete analysis of this example can be found here.

There is always a catch..

NOTE: Right now, SEA uses REIL code as input, to analyze a path. Unfortunately, REIL can be only generated from an executable file using BinNavi which runs in the top of IDA-Pro (two proprietary and expensive programs) Hopefully, this will change soon when SEA supports open frameworks for binary analysis like Bincoa or BAP.

Documentation, examples and more can be found in the wiki. Collaboration and feedback is greatly appreciated!.

About

Symbolic Exploit Assistant (SEA) is a tool to help to create exploits of binary programs

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published