ctf_import Logo

ctf_import

0
Free
Visit Website

A small library that allows you to run basic functions from stripped binaries cross platform. This library is designed for you to be able to quickly call functions from a stripped binary. All you need is the file name, the function offset, and the function signature. You can get these by reverse engineering the binary in IDA or Binary Ninja. void *import(char *file, size_t offset) #include "ctf_import.h" int main() { int (* fib)(int); // a.out is a binary with a fibonacci function at offset 0xf00 fib = (int (*)(int)) import("a.out", 0xf00); printf("%d %d %d %d %d\n", fib(1), fib(2), fib(3), fib(4), fib(5)); } To compile: $ gcc example.c ctf_import.c -o example $ ./example > 1 1 2 3 5 Notes: Although the code will run "cross-OS", it will not run cross architecture. Additionally, this does not handle syscalls and anything that interacts with globals.

FEATURES

ALTERNATIVES

A collection of publicly available YARA rules for detecting and classifying malware.

Fernflower is an analytical decompiler for Java with command-line options and support for external classes.

Malware sandbox for executing malicious files in an isolated environment with advanced features.

Tplmap is a tool for detecting and exploiting server-side template injection vulnerabilities.

A cutting-edge AI-based IT security platform that identifies malware and cyber-attacks within seconds

A native Python cross-version decompiler and fragment decompiler.

A Scriptable Android Debugger for reverse engineers and developers.

A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.

PINNED