This paper looks promising: "SIGMADIFF: Semantics-Aware Deep Graph Matching for Pseudocode Diffing".
https://ink.library.smu.edu.sg/cgi/viewcontent.cgi?article=9671&context=sis_research
I ❤️ #BorgBackup!
I managed to recover from multiple bad situations - including severe filesystem corruption from bad memory.
But #Vorta is failing repeatedly every now & then (often unnoticed!) because of some database (migration?) problems so i moved to #borgmatic .
But now I miss #Vorta s #diffing feature so i wrote a #TUI in #golang doing that.
It is extremely limited but feels clean and useful enough that I think about publishing as is. But where? #github #gitlab #codeberg
Dear everyone in the academia (and maybe elsewhere) doing #bindiffing research: #SymbolicExecution does not work for comparing different architectures, unless you are using as input for your symbolic execution tool *decompiled code*.
If you are using assembly or using an IR (Intermediate Representation) based on assembler (like Ghidra' p-code, IDA's microcode, LLVM's IR, etc), it will inevitably produce different outputs.
Your best IR for #diffing is pseudo-code, the #decompiler's output.
@Mizu If you want more #datasets for #binary #diffing, take a look to this paper:
https://arxiv.org/abs/2011.10749
#BinaryDiffing #BinDiffing #BinaryCodeSimilarityAnlysis #BCSA
Binary code similarity analysis (BCSA) is widely used for diverse security applications, including plagiarism detection, software license violation detection, and vulnerability discovery. Despite the surging research interest in BCSA, it is significantly challenging to perform new research in this field for several reasons. First, most existing approaches focus only on the end results, namely, increasing the success rate of BCSA, by adopting uninterpretable machine learning. Moreover, they utilize their own benchmark, sharing neither the source code nor the entire dataset. Finally, researchers often use different terminologies or even use the same technique without citing the previous literature properly, which makes it difficult to reproduce or extend previous work. To address these problems, we take a step back from the mainstream and contemplate fundamental research questions for BCSA. Why does a certain technique or a certain feature show better results than the others? Specifically, we conduct the first systematic study on the basic features used in BCSA by leveraging interpretable feature engineering on a large-scale benchmark. Our study reveals various useful insights on BCSA. For example, we show that a simple interpretable model with a few basic features can achieve a comparable result to that of recent deep learning-based approaches. Furthermore, we show that the way we compile binaries or the correctness of underlying binary analysis tools can significantly affect the performance of BCSA. Lastly, we make all our source code and benchmark public and suggest future directions in this field to help further research.
I know nobody gives a fuck, but this is my next research topic for this year: Finding #bugs & #vulnerabilities by #diffing binaries against sources. It sounds much harder than it actually is.
#ProgramDiffing #VulnDev #VulnResearch #VulnerabilityDevelopment #VulnerabilityResearch #ReverseEngineering
#Compilers #CompilerOptimizations #CompilersBugs #Miscompilations
📢 Don’t forget to sign up for one of our advanced hands-on #infosec trainings! The first week of #RETURN23XPLOIT is only a few days away. Our trainings offer hands-on instruction from top industry experts. In week 1, learn #Diffing, #ExploitDev, #ARM64, #ReverseEngineering, #IDAPro & more. Don't miss out!
Level up your #cybersecurity skills with #RETURN23XPLOIT! Our trainings offer hands-on instruction from top industry experts. In week 1, learn #Diffing, #ExploitDev, #ARM64, #ReverseEngineering, #IDAPro & more. Don't miss out!
🐇 Happy #LunarNewYear! Strive to be clever like a rabbit, and get some #SundayReading in today. Here is “#Pigaios: A Tool for #Diffing Source Codes against #Binaries”, by our instructor Joxean Koret (@joxean)!
sometimes I want to edit #Microsoft #Word documents (binary files) but I also want to use #git's #diffing capabilities. Here's what I've patched together if it is helpful to anyone else: https://github.com/AFewBooks/fewbooks-config
Most of the real work was done by Roman Casero (for #Gerardus), I've just customized to my liking and ironed out a few issues I experienced when setting it up myself.
Simple setup for creating markdown versions of binary Word files so that one can diff the contents. - GitHub - AFewBooks/fewbooks-config: Simple setup for creating markdown versions of binary Word ...
Eye For Film
Joxean Koret (@matalaz)
Ponder Stibbons 🇧🇷🇩🇪
Ringzer0
Dave Mackey