A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.

BAP

 #31116  by param_module
 Tue Dec 12, 2017 3:53 am
It's more of a library to build your own tools, but it's really nice. I know the main author; he is a pretty knowledgeable and cool guy. It does have a bit of a learning curve, and it tends to worry a lot about things that usually only people who are into general program analysis do.

It's super useful in the sense that, let's say you're like me and you tend to look for samples with certain techniques, or have C2s set up in a more decentralized manner and all that, but you hate sifting through a bunch of shitty RATs people made for a quick buck. Well, with BAP you can have it sift through things for you. Let's say that there is a sample behind a runtime crypter: instead of going through Volatility and letting things run their course, you could write something that can extract it from memory. Or let's say you want to create your own behavioral analysis system on top of hypervisors; well, OCaml gives you a lot of control over Xen and KVM, and BAP is really good.

https://github.com/BinaryAnalysisPlatform/bap
http://binaryanalysisplatform.github.io ... index.html
http://pythonhosted.org/bap/
https://users.ece.cmu.edu/~aavgerin/pap ... cav-11.pdf