Dna

Dna is a static analysis framework for x86/x64, mainly geared towards deobfuscation. It offers:

Instruction semantics for x86/x64 via TritonTranslator
Symbolic execution
Mixed boolean-arithmetic(MBA) simplification
SMT solver integration
Control flow graph recovery
Lifting to LLVM IR
Emulation
Parsing of executable file formats
Visualization of control flow graphs(Graphviz)
IR optimization passes
LLVM passes for simplifying obfuscated code
APIs for writing LLVM passes in C# (e.g. bindings for PassManager, MemorySSA, LoopInfo)
Function relocation(optionally across binaries, with some caveats)

You can find an example usage here.

Setup

The .NET component of Dna is supported on Windows, Linux, and Mac OSX. The C++ component(LLVM.Interop) has been used exclusively on windows.

To get the C++ component building, extract this precompiled version of llvm to the root directory of Dna.

Dna is now archived. It may be unarchived later on.

Name		Name	Last commit message	Last commit date
Latest commit History 133 Commits
Dna.ControlFlow		Dna.ControlFlow
Dna.DataStructures		Dna.DataStructures
Dna.Decompiler		Dna.Decompiler
Dna.Example		Dna.Example
Dna.LLVMInterop		Dna.LLVMInterop
Dna.Synthesis		Dna.Synthesis
Dna.Tests		Dna.Tests
Dna		Dna
TritonTranslator @ 92d7a87		TritonTranslator @ 92d7a87
unicorn-net @ cf7fc39		unicorn-net @ cf7fc39
.editorconfig		.editorconfig
.gitignore		.gitignore
.gitmodules		.gitmodules
Dna.sln		Dna.sln
README.md		README.md