Echo is an experimental generic, static analysis, symbolic execution and emulation framework, that aims to help out with binary code analysis for a variety of platforms or backends.
Echo is released under the LGPLv3 license.
- Generic Graph Models
- Traversal and structural detection algorithms
- Serialization to Dot/GraphViz
- Generic Control flow Analysis
- Create static and symbolic flow graphs
- Dominator analysis
- Serialize into scoped flow blocks or a list of instructions
- Generic Data flow Analysis
- Create data flow graphs
- Inspect stack and variable dependencies of instructions
- Generic AST Construction
- Lift control flow graphs to Abstract Syntax Trees (ASTs)
- Automatic variable cross-referencing
- Generic Emulation Engine Framework
- Virtual memory model using low level bit vectors
- Support for HLE and LLE arithmetic on fully known, partially known and fully unknown bit vectors of any size
| Architecture | Back-end | Control Flow | Data Flow | AST | Purity Classification | Emulation |
|---|---|---|---|---|---|---|
| CIL | AsmResolver | ✓ | ✓ | ✓ | ✓ | ✓ (WIP) |
| CIL | dnlib | ✓ | ✓ | ✓ | ✓ | |
| x86 (32-bit) | Iced | ✓ | ✓ | ✓ (WIP) | ||
| x86 (64-bit) | Iced | ✓ | ✓ | ✓ (WIP) |
| Branch | Status (Linux) |
|---|---|
| master |  |
Simply run
dotnet build
Alternatively, use any IDE that is capable of building .NET Standard 2.0 projects (such as Visual Studio or JetBrains Rider).
Not all projects need to be built for a working binary to be produced. Only the core libraries found in src/Core are required to be built. Any other project, such as the platform-specific back-ends in the src/Platforms directory and the test projects in test/, is optional and can be unloaded safely.
See CONTRIBUTING.md.
