Miasm is a Python framework for assembly, disassembly, symbolic execution and emulation on various platforms.
It's under active development, so older source code examples on the web, e.g. the ones on the Miasm blog, may require some porting to work with the current version.
The framework is also extensively tested, so looking into the code in the test directory helps when you're looking for examples of specific function calls.
sym_exec.py shows how to disassemble and use the SymbolicExecutionEngine to get the IR expression for the destination of the current block. It also shows basics of working with expressions to provide a simplified context.
emu.py shows how to use the high-level Sandbox abstraction to emulate parts of the code. Sandbox provides several options out of the box, which make debugging the emulation process easy.
- Miasm blog - Home to several examples that really showcase the power of this tool
- Advanced Binary Deobfuscation - Up-to-date Miasm scripts from the NTT Secure Platform Laboratories course, very good examples
- Examples - Official examples from the GitHub repo
- Extra docs - Handy Jupyter Notebooks on Miasm concepts like the IR, Expressions and LocationDB