Dynamic Taint Analysis in your Debugger! (SemTrax is now available)

Good news everyone! I'm very happy to announce that SemTrax is now available*. For all the details see semtrax.io, but in short: SemTrax adds dynamic taint analysis to your debugger, and by doing so it can make things like crash analysis, bug hunting, reverse engineering and plain old debugging, much easier. Built on our custom program analysis technology and integrated with the IDA static analysis platform, SemTrax can greatly increase your productivity when analysing complex software.

Over at semtrax.io there are a number of resources which should give you a feel for what SemTrax is capable of, including:

If you'd like to purchase a licence for SemTrax then check out semtrax.io/buy for licence options and pricing information. We're offering 15% off the listed prices for this version as a "Thanks!" to our early customers.  

One thing not addressed in the above is "What's next for SemTrax?". On that topic: one of our highest priorities is naturally x64 support, which should make it into the next release. We're also planning to overhaul the instrumentation process used to gather data for SemTrax to analyse, with the aim of decreasing the performance overhead on the target application. GDB support (as an alternative to IDA's debugger) is also on our to-do list. Of course we're always open to feature suggestions so if there's anything you'd like to see in SemTrax then drop us a mail!  

- Sean (@seanhn)

For the past 3 months, SemTrax has been available to our mailing list subscribers and I'd like to thank those early customers for their support. Prior to this we spent several months in beta testing and I'd also like to thank everyone that participated in that. Without both groups SemTrax would not have been possible.

Introducing SemTrax: A tool for semantics-aware, runtime dataflow tracking & visualisation on binary software

At Persistence Labs our goal is pretty straightforward: to make great tools motivated by real problems. One such problem, pervasive in software analysis, is dataflow tracking and visualisation. For the past year we've been working hard on exactly that and I'm pleased to introduce what will be our first product: SemTrax. As the title says, SemTrax is a semantics-aware, runtime, dataflow tracking and visualisation tool, designed to answer two fundamental questions:

  • Given a data source, what operations and sinks can it influence?
  • Given a data sink, what sources and operations contributed to it?

These questions are key in many tasks across debugging, vulnerability auditing, reverse engineering and exploit development. For example, tasks we've used SemTrax to help with include triaging memory corruption, tracking down dangling pointers, and attack surface identification. 

We'll have more details early next year, but for now if you'd like to see SemTrax in action check out the following video! In the meantime you can sign up to our mailing list if you'd like to keep up to date. Also, to participate in our forthcoming early access program contact products@persistencelabs.com for pricing information. 

Here's a screenshot for good measure. What you're looking at is SemTrax responding to a user request for information on how the current value of the zero flag was calculated, at a JZ instruction (the SemTrax UI is on the left monitor, with IDA on the right, in case that isn't obvious!).
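The two questions listed above (forward: what can a source influence; backward: what contributed to a sink), and the zero-flag question from the screenshot, are exactly what a trace-based dynamic dataflow tracker answers. The following is an added illustration, not SemTrax code and not part of the original post: it replays a constructed instruction trace, connects every written location to the writes that produced its inputs, and then walks that graph forwards from an input byte and backwards from the conditional branch. The trace, the location names (registers, flags, memory cells) and the function names are all assumptions made up for the example.

```python
from collections import defaultdict, deque

# Constructed trace (assumption, not from any real program): one record per executed
# instruction, as (disassembly, locations written, locations read). A write with no
# reads is either a constant load or, for the recv call, externally supplied input.
TRACE = [
    ("call recv",               ["[buf+0]", "[buf+1]"], []),         # 0: input arrives
    ("mov eax, [buf+0]",        ["eax"],   ["[buf+0]"]),             # 1
    ("mov ecx, 0x10",           ["ecx"],   []),                      # 2: constant, untainted
    ("movzx edx, byte [buf+1]", ["edx"],   ["[buf+1]"]),             # 3
    ("add eax, ecx",            ["eax"],   ["eax", "ecx"]),          # 4: reads old eax
    ("cmp eax, 0x41",           ["ZF"],    ["eax"]),                 # 5: flag depends on input
    ("jz short handler",        ["EIP"],   ["ZF"]),                  # 6: branch decided by ZF
    ("mov ebx, edx",            ["ebx"],   ["edx"]),                 # 7
    ("mov [dst], ecx",          ["[dst]"], ["ecx"]),                 # 8: untainted write
    ("call memcpy",             ["[out]"], ["ebx", "[buf+0]"]),      # 9: sink, length from input
]

# The values written by the recv call are the taint sources for the queries below.
SOURCES = {(0, "[buf+0]"), (0, "[buf+1]")}


def build_dataflow_graph(trace):
    """Replay the trace and connect each write to the writes that produced its inputs.

    A node is (instruction index, location written). An edge u -> v means the value
    written at v was computed from the value written at u. Returns (preds, succs).
    """
    last_writer = {}                       # location -> node currently holding its value
    preds, succs = defaultdict(set), defaultdict(set)
    for i, (_, writes, reads) in enumerate(trace):
        # Resolve inputs before recording the writes, so "add eax, ecx" sees the old eax.
        inputs = {last_writer[loc] for loc in reads if loc in last_writer}
        for loc in writes:
            node = (i, loc)
            preds[node] |= inputs
            for u in inputs:
                succs[u].add(node)
            last_writer[loc] = node
    return preds, succs


def _reachable(start, edges):
    """Breadth-first closure over the given edge map, excluding the start node."""
    seen, queue = set(), deque([start])
    while queue:
        n = queue.popleft()
        for m in edges[n]:
            if m not in seen:
                seen.add(m)
                queue.append(m)
    return seen


def forward_slice(succs, source):
    """Given a data source, which later writes (operations and sinks) can it influence?"""
    return sorted(_reachable(source, succs))


def backward_slice(preds, sink):
    """Given a data sink, which earlier writes (sources and operations) contributed to it?"""
    return sorted(_reachable(sink, preds))


def is_tainted(preds, node, sources):
    """True if the value at node is, or was derived from, one of the taint sources."""
    return node in sources or bool(_reachable(node, preds) & sources)


def explain(trace, nodes):
    """Render slice nodes as 'index: disassembly -> location' lines for a human reader."""
    return [f"{i:>2}: {trace[i][0]:<26} -> {loc}" for i, loc in nodes]


if __name__ == "__main__":
    preds, succs = build_dataflow_graph(TRACE)
    print("Forward from input byte [buf+0]:")
    print("\n".join(explain(TRACE, forward_slice(succs, (0, "[buf+0]")))))
    print("\nBackward from the jz at 6 (how the zero flag got its value):")
    print("\n".join(explain(TRACE, backward_slice(preds, (6, "EIP")))))
    print("\nmemcpy output tainted:", is_tainted(preds, (9, "[out]"), SOURCES))
    print("[dst] tainted:", is_tainted(preds, (8, "[dst]"), SOURCES))
```

The backward query from the branch at index 6 is the same question as the screenshot: it returns the cmp that set ZF, the add that produced eax, the constant load of ecx, and the input byte at [buf+0], while leaving out the unrelated [buf+1] path. The forward query from [buf+0] shows both the control-flow influence (ZF, then EIP) and the direct data influence on the memcpy sink; a real tool such as SemTrax additionally has to recover the read and write sets from instrumented execution rather than from a hand-written trace, and to decide how to propagate through pointer dereferences and partial-register writes.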