Skip to content

Latest commit

 

History

History
79 lines (60 loc) · 5.9 KB

README.md

File metadata and controls

79 lines (60 loc) · 5.9 KB

re_lab

A portable reverse engineering environment using docker.

Getting Started

These instructions will get you a copy of the project up and running on your local machine.

Prerequisites

The environment is base on docker, to install it:

NOTE: You can find a installation guide on the docker web-site for the following distribution: CentOS, Debian, Fedora and Ubuntu. You can also install it from static binaries. But I recommand you to install docker with the package manager of your distribution.

Packages used

  • build-essential - Informational list of build-essential packages
  • gdb - The GNU Debugger
  • radare2 - Free and advanced command line hexadecimal editor
  • strace - A system call tracer
  • ltace - Tracks runtime library calls in dynamically linked programs
  • xxd - Tool to make (or reverse) a hex dump
  • bsdiff - Generate/apply a patch between two binary files
  • libcapstone-dev - Lightweight multi-architecture disassembly framework - devel files
  • libcapstone3 - Lightweight multi-architecture disassembly framework - library
  • flasm - Assembler and disassembler for Flash (SWF) bytecode
  • python-pip - Alternative Python package installer
  • python3 - Interactive high-level object-oriented language (default python3 version)
  • python3-pip - Alternative Python package installer - Python 3 version of the package
  • libffi-dev - Foreign Function Interface library (development files)
  • git - Fast, scalable, distributed revision control system
  • vim - Vi IMproved - enhanced vi editor
  • wget - Retrieves files from the web
  • llvm - Low-Level Virtual Machine (LLVM)
  • clang - Low-Level Virtual Machine (LLVM), C language family frontend
  • lldb - Next generation, high-performance debugger
  • volatility - Advanced memory forensics framework
  • binwalk - Tool for searching binary images for embedded files and executable code
  • python3-binwalk - Python3 library for analyzing binary blobs and executable code
  • gdb-peda - Python Exploit Development Assistance for GDB
  • angr - A powerful and user-friendly binary analysis platform!
  • sudo - Provide limited super user privileges to specific users
  • gcc-multilib - GNU C compiler (multilib files)
  • locales - Embedded GNU C Library: National Language (locale) data
  • tmux - Terminal multiplexer

Installing

$ docker build -t re_lab .
$ docker run -it \
    --privileged \
    -v $(pwd)/share_ro:/share_ro:ro \
    -v $(pwd)/share_rw:/share_rw \
    re_lab

Shared folders

  • /share_ro - read only access to access installation of packages
  • /share_rw - to be able to write and share the results with host system

Authors

  • Clément Boin - Initial work - cboin

License

This project is licensed under the GNU General Public License v3.0 - see the LICENSE.md file for details

Acknowledgments