We have developed McSema, a new framework for analyzing and transforming machine-code programs. McSema translates x86 instructions into LLVM bitcode, with a translation strategy that allows for analysis by standard compiler algorithms. We will demonstrate McSema by adding control flow integrity to existing Windows DLLs. McSema is open source, permissively licensed, and is now available for use and modification.
Resources
More info
- A Preview of McSema
- Close Encounters with Symbolic Execution (Part 1)
- Close Encounters with Symbolic Execution (Part 2)
Authors
- Andrew Ruef
- Artem Dinaburg