updated structure

mohitmishra786 · Nov 3, 2024 · 074cf1e · 074cf1e
1 parent bbbb796
commit 074cf1e
Show file tree

Hide file tree

Showing 4 changed files with 273 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -22,6 +22,7 @@ Welcome to the **Reversing Bits Cheatsheets** repository! This collection provid
 - **[WinDbg](src/windbg.md)**: Microsoft's debugger for Windows applications.
 - **[QEMU](src/qemu.md)**: Emulator and virtualizer for cross-platform analysis.
 - **[Valgrind](src/valgrind.md)**: Tool suite for debugging and profiling Linux programs.
+- **[Unicorn](src/unicorn.md)**: Lightweight, multi-platform CPU emulator framework.
 
 ### Disassemblers & Decompilers
 - **[IDA Pro](src/idapro.md)**: Industry-standard disassembler and debugger.
@@ -46,18 +47,16 @@ Welcome to the **Reversing Bits Cheatsheets** repository! This collection provid
 - **[Intel XED](src/intelXed.md)**: X86 encoder decoder library.
 - **[Spike](src/spike.md)**: Network protocol fuzzer.
 - **[FrEEdom](src/freedom.md)**: Binary analysis framework.
+- **[Diaphora](src/diaphora.md)**: Advanced binary diffing tool for IDA Pro.
 
 ## How to Use
-
 - **Installation**: Follow the OS-specific instructions in each cheatsheet for tool installation.
 - **Usage**: Each file contains usage examples, common commands, and advanced tips.
 - **Contributing**: If you have improvements or additional tools to add, please fork the repository, make your changes, and submit a pull request.
 
 ## License
-
 This repository is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
 
 ## Acknowledgements
-
 - Thanks to the developers and communities behind these tools for their invaluable resources.
 - Contributions are always appreciated! Check the [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines on how to contribute.
diff --git a/index.html b/index.html
@@ -130,6 +130,7 @@
             'bap': 'BAP - Binary Analysis Platform',
             'binaryninja': 'Binary Ninja',
             'capstone': 'Capstone - Multi-Architecture Disassembly',
+            'diaphora': 'Diaphora - Binary Diffing',
             'dyninst': 'Dyninst - Binary Instrumentation',
             'file': 'File Command',
             'freedom': 'FrEEdom Binary Analysis',
@@ -154,6 +155,7 @@
             'rizin': 'Rizin',
             'spike': 'SPIKE Fuzzer',
             'strings': 'Strings Utility',
+            'unicorn': 'Unicorn - CPU Emulator',
             'valgrind': 'Valgrind',
             'windbg': 'WinDbg',
             'yara': 'YARA Pattern Matching',
@@ -167,6 +169,7 @@
             'src/bap.md',
             'src/binaryninja.md',
             'src/capstone.md',
+            'src/diaphora.md',
             'src/dyninst.md',
             'src/file.md',
             'src/freedom.md',
@@ -191,12 +194,14 @@
             'src/rizin.md',
             'src/spike.md',
             'src/strings.md',
+            'src/unicorn.md',
             'src/valgrind.md',
             'src/windbg.md',
             'src/yara.md',
             'src/zynamics.md'
         ];
 
+        // Rest of the JavaScript remains the same
         let currentPageIndex = 0;
 
         // Theme toggling

diff --git a/src/diaphora.md b/src/diaphora.md
@@ -0,0 +1,110 @@
+# Diaphora Binary Diffing Cheatsheet
+
+## Installation Guide
+
+### IDA Pro Plugin Installation
+```bash
+# Clone repository
+git clone https://github.com/joxeankoret/diaphora.git
+
+# Copy to IDA plugins directory
+# For IDA 7.x
+cp diaphora.py %IDADIR%/plugins/
+```
+
+### Optional Dependencies
+```bash
+pip install pymssql
+pip install mysql-python
+pip install psycopg2
+```
+
+## Basic Operations
+
+### Exporting Binary Information
+| Command | Purpose |
+|---------|---------|
+| `File -> Script File... -> diaphora.py` | Launch Diaphora plugin |
+| `Export -> Binary` | Export binary for diffing |
+| `Export -> Database` | Export to SQLite database |
+| `Export -> Project` | Export project settings |
+
+### Diffing Commands
+
+#### Basic Diffing
+| Operation | Purpose |
+|-----------|---------|
+| `Diff -> Quick Diff` | Fast comparison |
+| `Diff -> Deep Diff` | Detailed analysis |
+| `Diff -> Selective Diff` | Compare specific functions |
+| `Diff -> Custom Diff` | User-defined comparison |
+
+#### Advanced Diffing
+| Operation | Purpose |
+|-----------|---------|
+| `Analysis -> Call Graphs` | Compare call graphs |
+| `Analysis -> Strings` | Compare string references |
+| `Analysis -> Constants` | Compare numerical constants |
+| `Analysis -> Imports` | Compare imported functions |
+
+### Matching Options
+
+#### Function Matching
+| Option | Purpose |
+|--------|---------|
+| `Match -> Exact` | 100% identical matches |
+| `Match -> Partial` | Similar functions |
+| `Match -> Sequential` | Order-based matching |
+| `Match -> Experimental` | AI-based matching |
+
+#### Heuristic Settings
+| Setting | Purpose |
+|---------|---------|
+| `Heuristic -> Basic Blocks` | Compare block structure |
+| `Heuristic -> Instructions` | Compare instruction sequences |
+| `Heuristic -> Mnemonics` | Compare assembly mnemonics |
+| `Heuristic -> Names` | Compare function names |
+
+## Results Analysis
+
+### Viewing Results
+| View | Purpose |
+|------|---------|
+| `Results -> Best Matches` | Show highest confidence matches |
+| `Results -> Partial Matches` | Show similar functions |
+| `Results -> Unmatched` | Show unique functions |
+| `Results -> Statistics` | Show diffing statistics |
+
+### Export Options
+| Format | Command |
+|--------|---------|
+| `Export -> CSV` | Export results to CSV |
+| `Export -> SQL` | Export to SQL database |
+| `Export -> JSON` | Export to JSON format |
+| `Export -> HTML` | Generate HTML report |
+
+## Advanced Features
+
+### Batch Processing
+| Command | Purpose |
+|---------|---------|
+| `Batch -> Load Files` | Process multiple binaries |
+| `Batch -> Export All` | Export batch results |
+| `Batch -> Compare All` | Diff multiple files |
+| `Batch -> Generate Report` | Create batch report |
+
+### Customization
+| Feature | Purpose |
+|---------|---------|
+| `Config -> Thresholds` | Adjust matching sensitivity |
+| `Config -> Filters` | Set comparison filters |
+| `Config -> Ignore Lists` | Exclude functions/areas |
+| `Config -> Plugins` | Manage custom plugins |
+
+### Debugging
+| Command | Purpose |
+|---------|---------|
+| `Debug -> Log` | Show debug information |
+| `Debug -> Profile` | Performance analysis |
+| `Debug -> Validate` | Check results accuracy |
+| `Debug -> Compare` | Manual result verification |
diff --git a/src/unicorn.md b/src/unicorn.md
@@ -0,0 +1,156 @@
+# Unicorn Engine Cheatsheet
+
+## Installation Guide
+
+### Python Bindings
+```bash
+# Via pip
+pip install unicorn
+
+# From source
+git clone https://github.com/unicorn-engine/unicorn.git
+cd unicorn && ./make.sh
+cd bindings/python && python setup.py install
+```
+
+### C/C++ Installation
+```bash
+# Ubuntu/Debian
+sudo apt-get update
+sudo apt-get install unicorn-dev
+
+# macOS
+brew install unicorn
+
+# Windows (MSYS2)
+pacman -S mingw-w64-x86_64-unicorn
+```
+
+## Basic Operations
+
+### Initialization
+```python
+from unicorn import *
+from unicorn.x86_const import *
+
+# Initialize emulator
+mu = Uc(UC_ARCH_X86, UC_MODE_32)  # 32-bit x86
+mu = Uc(UC_ARCH_X86, UC_MODE_64)  # 64-bit x86
+mu = Uc(UC_ARCH_ARM, UC_MODE_ARM)  # ARM
+mu = Uc(UC_ARCH_ARM64, UC_MODE_ARM)  # ARM64
+```
+
+### Memory Operations
+| Operation | Example | Purpose |
+|-----------|---------|---------|
+| `mem_map()` | `mu.mem_map(0x1000, 0x1000)` | Map memory region |
+| `mem_write()` | `mu.mem_write(addr, code)` | Write to memory |
+| `mem_read()` | `mu.mem_read(addr, size)` | Read from memory |
+| `mem_unmap()` | `mu.mem_unmap(addr, size)` | Unmap memory |
+| `mem_protect()` | `mu.mem_protect(addr, size, prot)` | Set protection |
+
+### Execution Control
+| Command | Usage | Purpose |
+|---------|-------|---------|
+| `emu_start()` | `mu.emu_start(start, end)` | Start emulation |
+| `emu_stop()` | `mu.emu_stop()` | Stop emulation |
+| `reg_write()` | `mu.reg_write(reg, val)` | Write register |
+| `reg_read()` | `mu.reg_read(reg)` | Read register |
+
+## Hooks and Callbacks
+
+### Hook Types
+| Hook | Purpose |
+|------|---------|
+| `UC_HOOK_CODE` | Instructions |
+| `UC_HOOK_BLOCK` | Basic blocks |
+| `UC_HOOK_MEM_READ` | Memory reads |
+| `UC_HOOK_MEM_WRITE` | Memory writes |
+| `UC_HOOK_MEM_FETCH` | Memory fetches |
+| `UC_HOOK_INTR` | Interrupts |
+
+### Hook Examples
+```python
+# Code hook
+def hook_code(uc, address, size, user_data):
+    print(f"Executing: 0x{address:x}")
+
+mu.hook_add(UC_HOOK_CODE, hook_code)
+
+# Memory hook
+def hook_mem_access(uc, access, address, size, value, user_data):
+    print(f"Memory access at 0x{address:x}")
+
+mu.hook_add(UC_HOOK_MEM_READ | UC_HOOK_MEM_WRITE, hook_mem_access)
+```
+
+## Advanced Features
+
+### Context Management
+| Operation | Usage | Purpose |
+|-----------|-------|---------|
+| `context_save()` | `context = mu.context_save()` | Save state |
+| `context_restore()` | `mu.context_restore(context)` | Restore state |
+| `context_update()` | `mu.context_update(context)` | Update state |
+
+### Error Handling
+```python
+try:
+    mu.emu_start(address, address + size)
+except UcError as e:
+    print(f"Error: {e}")
+```
+
+### Common Error Codes
+| Code | Meaning |
+|------|----------|
+| `UC_ERR_WRITE_UNMAPPED` | Write to unmapped memory |
+| `UC_ERR_READ_UNMAPPED` | Read from unmapped memory |
+| `UC_ERR_FETCH_UNMAPPED` | Fetch from unmapped memory |
+| `UC_ERR_WRITE_PROT` | Write to protected memory |
+| `UC_ERR_READ_PROT` | Read from protected memory |
+
+## Debugging and Analysis
+
+### Debug Features
+| Feature | Usage | Purpose |
+|---------|-------|---------|
+| `tracing()` | `mu.tracing()` | Enable tracing |
+| `debug()` | `mu.debug()` | Debug mode |
+| `query()` | `mu.query(UC_QUERY_*)` | Query emulator |
+
+### Performance Optimization
+| Setting | Purpose |
+|---------|----------|
+| `timeout` | Set execution timeout |
+| `count` | Set instruction count |
+| `page_size` | Configure page size |
+| `arch_detail` | Toggle detailed mode |
+
+### Integration Examples
+
+#### Basic x86 Emulation
+```python
+# Define code to emulate
+X86_CODE32 = b"\x41\x4a"  # INC ecx; DEC edx
+
+# Initialize emulator
+mu = Uc(UC_ARCH_X86, UC_MODE_32)
+mu.mem_map(0x1000, 0x1000)
+mu.mem_write(0x1000, X86_CODE32)
+mu.reg_write(UC_X86_REG_ECX, 0x1)
+mu.reg_write(UC_X86_REG_EDX, 0x2)
+mu.emu_start(0x1000, 0x1000 + len(X86_CODE32))
+```
+
+#### ARM Emulation
+```python
+# Define ARM code
+ARM_CODE = b"\x00\xe0\xa0\xe3"  # mov r0, #0
+
+# Initialize emulator
+mu = Uc(UC_ARCH_ARM, UC_MODE_ARM)
+mu.mem_map(0x1000, 0x1000)
+mu.mem_write(0x1000, ARM_CODE)
+mu.emu_start(0x1000, 0x1000 + len(ARM_CODE))
+```