angr的目标是使对二进制程序进行有用的分析变得容易。为此,angr允许你将分析代码打包成一种通用的格式,这种格式可以很容易地应用于任何项目。稍后我们将讨论编写您自己的分析,但其思想是,所有的分析都出现在项目中。分析(例如,project. analysis. cfgfast()),可以作为函数调用,返回分析结果实例。
Built-in Analyses
| Name | Description |
|---|---|
| CFGFast | Constructs a fast Control Flow Graph of the program |
| CFGEmulated | Constructs an accurate Control Flow Graph of the program |
| VFG | Performs VSA on every function of the program, creating a Value Flow Graph and detecting stack variables |
| DDG | Calculates a Data Dependency Graph, allowing one to determine what statements a given value depends on |
| BackwardSlice | Computes a Backward Slice of a program with respect to a certain target |
| Identifier | Identifies common library functions in CGC binaries |
| More! | angr has quite a few analyses, most of which work! If you'd like to know how to use one, please submit an issue requesting documentation. |
弹性
可以编写具有弹性的分析,捕捉并记录几乎所有的错误。这些错误(取决于它们被捕获的方式)被记录到分析的errors或named_errors属性中。但是,您可能希望以“快速失败”模式运行分析,这样错误就不会得到处理。为此,参数fail_fast=True可以传递到分析构造函数中。
