VMHunt: Extraction and Simplification of Virtualized Binary Code

VMHunt is a set of tools for analyzing virtualized binary code. Now we only support 32 bit traces.

Prerequisites

PIN tools from Intel. I tested version 2.13 and 3.2, but other versions probably work as well.
g++ compiler (6.0 version or above).

Compile the tracer: run make PIN_ROOT=PinDirectory TARGET=ia32 $* in the tracer directory.
Compile VMHunt: run make in the project root directory.

Use the tracer to record an execution trace.
pin -t tracer/obj-ia32/instracelog.so -- yourprogram
Extract virtualized snippet in the trace.
./vmextract tracefile
Backward slice the trace.
./slicer tracefile
Run MG symbolic execution
./mgse tracefile

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
tracer		tracer
Makefile		Makefile
README.md		README.md
core.cpp		core.cpp
core.hpp		core.hpp
main.cpp		main.cpp
mg-symengine.cpp		mg-symengine.cpp
mg-symengine.hpp		mg-symengine.hpp
parser.cpp		parser.cpp
parser.hpp		parser.hpp
slicer.cpp		slicer.cpp
vmextract.cpp		vmextract.cpp