PISE (Protocol Inference with Symbolic Execution) is a tool that leverages symbolic execution and automata learning to uncover the state machine of a protocol implemented in a given executable. It is available in two modules:
- The server: for performing the symbolic execution. Implemented in Python.
- The client: responsible for automata learning. Implemented in Java.
NOTE: this repo provides scripts for easily installing and running our tool on Ubuntu 20.04. If you wish to run it on Windows or Mac, you will have to manually install and set up the server and the client.
Simply `chmod +x install.sh`, and then `./install.sh`.
`chmod +x run.sh`, and then `./run.sh {EXAMPLE_MODULE_PATH}`, where `EXAMPLE_MODULE_PATH` is one of:
- examples.toy_client.toy_client_inference
- examples.ghost.gh0st_rat_inference
- examples.smtp.smtp_client_inference
- examples.toy_client_async_inference
See README.md of PISEServer.
The PISE paper is available here.
Our Black Hat USA 2022 briefing is available here.