SEA

1. Dear /r/ReverseEngineering,
2.  
3. Today we are opensourcing an early version of our tool
4. called "Symbolic Exploit Assistant" (SEA) for assisted exploit
5. generation and asking for help/collaboration from the community to
6. expand and improve it.
7. In a few words, this tool starts with a path in a disassembled binary
8. represented with an abstract intermediate language (we start supporting REIL)
9. to generate and solve SMT constraints according to the user request.
10. If the solver finds a solution, the values for the input variables can be used to
11. exploit the path of the program selected.
12.  
13. Of course, SEA is not state of the art but a few examples from
14. Gera's Insecure Programming can be "solved".
15.  
16. We tried to look for other open source and public tools like SEA, but we
17. couldn't find any. We believe that there should be completely open tools
18. that help people to find vulnerabilities easier and quicker.
19. We don't like the idea that only some companies and governments have
20. access to such tools. This is a very small step in the direction
21. of the democratisation of the access to exploitation tools.
22.  
23. Finally, we ask the community for help to do research, development and
24. implementation of SEA in order to build a tool to perform binary
25. analysis.
26.  
27. The code and some documentation is available in:
28.  
29. https://github.com/neuromancer/sea