Index
A
add_dll_to_import_descriptor() (zigzi.WindowAPIHelper.WindowAPIHelper method)
add_function_to_import() (zigzi.WindowAPIHelper.WindowAPIHelper method)
add_message_box() (zigzi.WindowAPIHelper.WindowAPIHelper method)
adjust_bound_imports() (zigzi.PEManager.PEManager method)
adjust_data_directory_size() (zigzi.WindowAPIHelper.WindowAPIHelper method)
adjust_data_in_range() (zigzi.PEManager.PEManager method)
adjust_debug() (zigzi.PEManager.PEManager method)
adjust_delay_import() (zigzi.PEManager.PEManager method)
adjust_direct_branches() (zigzi.PEInstrument.PEInstrument method)
adjust_directories() (zigzi.PEManager.PEManager method)
adjust_export() (zigzi.PEManager.PEManager method)
adjust_file_layout() (zigzi.PEManager.PEManager method)
adjust_iat() (zigzi.PEManager.PEManager method)
adjust_import() (zigzi.PEManager.PEManager method)
adjust_instruction_layout() (zigzi.PEInstrument.PEInstrument method)
adjust_load_config() (zigzi.PEManager.PEManager method)
adjust_references_of_iat() (zigzi.WindowAPIHelper.WindowAPIHelper method)
adjust_registers_instruction_operand() (zigzi.PEInstrument.PEInstrument method)
adjust_relocation() (zigzi.PEManager.PEManager method)
adjust_relocation_directories() (zigzi.PEManager.PEManager method)
adjust_relocation_offset() (zigzi.PEManager.PEManager method)
adjust_resource() (zigzi.PEManager.PEManager method)
adjust_TLS() (zigzi.PEManager.PEManager method)
append() (zigzi.PEAnalyzeTool.BasicBlock method)
append_byte() (zigzi.DataObject.DataObject method)
append_chunk() (zigzi.DataObject.DataObject method)
append_code() (zigzi.PEInstrument.PEInstrument method)
append_data_to_file() (zigzi.PEManager.PEManager method)
append_dword() (zigzi.DataObject.DataObject method)
append_element() (zigzi.Heap.Heap method)
append_element_finish() (zigzi.Heap.Heap method)
append_finish() (zigzi.DataObject.DataObject method)
append_import_thunk_to_descriptor() (zigzi.WindowAPIHelper.WindowAPIHelper method)
append_import_thunk_to_next_of_descriptor() (zigzi.WindowAPIHelper.WindowAPIHelper method)
append_relocation_entry_to_block() (zigzi.PEManager.PEManager method)
append_section_to_file() (zigzi.PEManager.PEManager method)
append_string() (zigzi.Heap.Heap method)
append_to_iat() (zigzi.WindowAPIHelper.WindowAPIHelper method)
append_word() (zigzi.DataObject.DataObject method)
assignNewBranch() (zigzi.PEAnalyzeTool.PEAnalyzer method)
B
base_address (zigzi.DataObject.DataObject attribute)
base_point (zigzi.Stack.Stack attribute)
BasicBlock (class in zigzi.PEAnalyzeTool)
C
Chunk (class in zigzi.DataSegment)
code_handled() (zigzi.CodeManager.CodeManager method)
CodeManager (class in zigzi.CodeManager)
create_new_data_section() (zigzi.PEManager.PEManager method)
create_new_executable_section() (zigzi.PEManager.PEManager method)
D
DataObject (class in zigzi.DataObject)
declare_byte() (zigzi.DataObject.DataObject method)
declare_dword() (zigzi.DataObject.DataObject method)
declare_word() (zigzi.DataObject.DataObject method)
disassemble() (zigzi.Disassembler.Disassembler method)
disassemble_dict_handle() (zigzi.Disassembler.Disassembler method)
disassemble_list_handle() (zigzi.Disassembler.Disassembler method)
Disassembler (class in zigzi.Disassembler)
do_indirect_branch_counting() (in module zigzi)
do_instrument() (zigzi.PEInstrument.PEInstrument method)
do_return_address_verifier() (in module zigzi)
F
falloc() (zigzi.PEInstrument.PEInstrument method)
fin() (zigzi.Log.Logger method)
frame_point (zigzi.Stack.Stack attribute)
from_filename() (zigzi.PEInstrument.PEInstrument class method)
G
gen_new_empty_import_descriptor() (zigzi.PEManager.PEManager method)
gen_new_empty_import_thunk() (zigzi.PEManager.PEManager method)
gen_new_import_lookup_table() (zigzi.WindowAPIHelper.WindowAPIHelper method)
gen_new_import_thunk() (zigzi.WindowAPIHelper.WindowAPIHelper method)
gen_new_relocation_block() (zigzi.PEManager.PEManager method)
gen_new_relocation_entry() (zigzi.PEManager.PEManager method)
gen_new_thunk() (zigzi.WindowAPIHelper.WindowAPIHelper method)
gen_separator_thunk() (zigzi.WindowAPIHelper.WindowAPIHelper method)
genControlFlowGraph() (zigzi.PEAnalyzeTool.PEAnalyzer method)
get_abs_va_from_offset() (zigzi.PEManager.PEManager method)
get_abs_va_from_rva() (zigzi.PEManager.PEManager method)
get_aligned_offset() (zigzi.PEManager.PEManager method)
get_aligned_rva() (zigzi.PEManager.PEManager method)
get_base_rva() (zigzi.CodeManager.CodeManager method)
get_bytes_at_offset() (zigzi.PEManager.PEManager method)
get_cloned_section_header() (zigzi.PEManager.PEManager static method)
get_code() (zigzi.CodeManager.CodeManager method)
get_code() (zigzi.PEInstrument.PEInstrument method)
get_current_base_pos() (zigzi.DataObject.DataObject method)
get_data_at_offset() (zigzi.CodeManager.CodeManager method)
get_data_directory_address_range() (zigzi.PEManager.PEManager method)
get_data_from_offset_with_format() (zigzi.CodeManager.CodeManager method)
get_data_from_rva() (zigzi.CodeManager.CodeManager method)
get_data_section() (zigzi.PEManager.PEManager method)
get_disassemble_dict() (zigzi.Disassembler.Disassembler method)
get_disassemble_list() (zigzi.Disassembler.Disassembler method)
get_dword_from_offset() (zigzi.CodeManager.CodeManager method)
get_entry_point_rva() (zigzi.PEManager.PEManager method)
get_file_data() (zigzi.PEManager.PEManager method)
get_format_from_size() (zigzi.CodeManager.CodeManager static method)
get_format_from_size_little_endian() (zigzi.CodeManager.CodeManager static method)
get_iat_rva_with_size() (zigzi.WindowAPIHelper.WindowAPIHelper method)
get_image_base() (zigzi.PEManager.PEManager method)
get_image_size() (zigzi.PEManager.PEManager method)
get_import_address_table_address_range() (zigzi.PEManager.PEManager method)
get_import_descriptor_address_range() (zigzi.PEManager.PEManager method)
get_import_structures() (zigzi.PEManager.PEManager method)
get_imports_range_in_structures() (zigzi.PEManager.PEManager method)
get_instructions() (zigzi.PEInstrument.PEInstrument method)
get_instrument() (zigzi.PEManager.PEManager method)
get_instrumented_pos() (zigzi.PEInstrument.PEInstrument method)
get_instrumented_size() (zigzi.PEInstrument.PEInstrument method)
get_instrumented_total_size() (zigzi.PEInstrument.PEInstrument method)
get_instrumented_vector_size() (zigzi.PEInstrument.PEInstrument method)
get_last_import_address_thunk() (zigzi.WindowAPIHelper.WindowAPIHelper method)
get_last_import_descriptor() (zigzi.WindowAPIHelper.WindowAPIHelper method)
get_last_import_descriptor_offset() (zigzi.WindowAPIHelper.WindowAPIHelper method)
get_last_import_lookup_thunk() (zigzi.WindowAPIHelper.WindowAPIHelper method)
get_last_import_thunk_offset() (zigzi.WindowAPIHelper.WindowAPIHelper method)
get_log_path() (zigzi.Log.Logger method)
get_new_empty_thunk() (zigzi.PEManager.PEManager method)
get_new_logger() (zigzi.Log.LoggerFactory method)
get_opcode_length() (zigzi.Disassembler.Disassembler static method)
get_ordinal_from_common_library() (zigzi.WindowAPIHelper.WindowAPIHelper method)
get_pe_manager() (zigzi.PEInstrument.PEInstrument method)
get_relocation() (zigzi.PEManager.PEManager method)
get_relocation_directories() (zigzi.PEManager.PEManager method)
get_relocation_from_structures() (zigzi.PEManager.PEManager method)
get_section_alignment() (zigzi.PEManager.PEManager method)
get_section_belong_rva() (zigzi.PEManager.PEManager method)
get_section_raw_data() (zigzi.PEManager.PEManager method)
get_structure_from_rva() (zigzi.PEManager.PEManager method)
get_text_section() (zigzi.PEManager.PEManager method)
get_text_section_virtual_address_range() (zigzi.PEManager.PEManager method)
get_va() (zigzi.DataSegment.Chunk method)
get_variable_reference() (zigzi.DataObject.DataObject method)
get_variable_value() (zigzi.DataObject.DataObject method)
getStartAddress() (zigzi.PEAnalyzeTool.BasicBlock method)
H
handle_FC_CALL() (zigzi.PEAnalyzeTool.PEAnalyzer method)
handle_FC_CND_BRANCH() (zigzi.PEAnalyzeTool.PEAnalyzer method)
handle_FC_NONE() (zigzi.PEAnalyzeTool.PEAnalyzer method)
handle_FC_RET() (zigzi.PEAnalyzeTool.PEAnalyzer method)
handle_FC_SYS() (zigzi.PEAnalyzeTool.PEAnalyzer method)
handle_FC_UNC_BRANCH() (zigzi.PEAnalyzeTool.PEAnalyzer method)
handle_overflowed_instrument() (zigzi.PEInstrument.PEInstrument method)
handleConrolFlow() (zigzi.PEAnalyzeTool.PEAnalyzer method)
Heap (class in zigzi.Heap)
I
init_byte_order() (zigzi.DataObject.DataObject method)
instrument() (zigzi.CodeManager.CodeManager method)
instrument() (zigzi.PEInstrument.PEInstrument method)
instrument_at_last() (zigzi.CodeManager.CodeManager method)
instrument_with_replace() (zigzi.CodeManager.CodeManager method)
is_after_indirect_branch_instrument_exist() (zigzi.PEInstrument.PEInstrument method)
is_after_relative_branch_instrument_exist() (zigzi.PEInstrument.PEInstrument method)
is_after_return_instrument_exist() (zigzi.PEInstrument.PEInstrument method)
is_already_import_dll() (zigzi.WindowAPIHelper.WindowAPIHelper method)
is_already_import_function() (zigzi.WindowAPIHelper.WindowAPIHelper method)
is_append_not_finish() (zigzi.DataObject.DataObject method)
is_branch() (zigzi.Disassembler.Disassembler static method)
is_call() (zigzi.Disassembler.Disassembler static method)
is_executable_section() (zigzi.PEManager.PEManager static method)
is_indirect_branch() (zigzi.Disassembler.Disassembler static method)
is_need_code_handle() (zigzi.CodeManager.CodeManager method)
is_need_handle_disassemble_dict() (zigzi.Disassembler.Disassembler method)
is_need_handle_disassemble_list() (zigzi.Disassembler.Disassembler method)
is_possible_relocation() (zigzi.PEManager.PEManager method)
is_pre_indirect_branch_instrument_exist() (zigzi.PEInstrument.PEInstrument method)
is_pre_relative_branch_instrument_exist() (zigzi.PEInstrument.PEInstrument method)
is_pre_return_instrument_exist() (zigzi.PEInstrument.PEInstrument method)
is_relative_branch() (zigzi.Disassembler.Disassembler static method)
is_return() (zigzi.Disassembler.Disassembler static method)
L
log() (zigzi.Log.Logger method)
Logger (class in zigzi.Log)
LoggerFactory (class in zigzi.Log)
M
merge_adjust_pos_with_prev() (zigzi.PEInstrument.PEInstrument method)
move_imports_offset_to_new_section() (zigzi.WindowAPIHelper.WindowAPIHelper method)
N
need_code_handle() (zigzi.CodeManager.CodeManager method)
need_handle_disassemble_list() (zigzi.Disassembler.Disassembler method)
need_handled_disassemble_dict() (zigzi.Disassembler.Disassembler method)
O
OPERAND_ABSOLUTE_ADDRESS (zigzi.PEAnalyzeTool.PEAnalyzer attribute)
OPERAND_FAR_MEMORY (zigzi.PEAnalyzeTool.PEAnalyzer attribute)
OPERAND_IMMEDIATE (zigzi.PEAnalyzeTool.PEAnalyzer attribute)
OPERAND_MEMORY (zigzi.PEAnalyzeTool.PEAnalyzer attribute)
OPERAND_NONE (zigzi.PEAnalyzeTool.PEAnalyzer attribute)
OPERAND_REGISTER (zigzi.PEAnalyzeTool.PEAnalyzer attribute)
P
parse() (zigzi.PEAnalyzeTool.PEAnalyzer method)
parser() (zigzi.PEAnalyzeTool.PEAnalyzer method)
PEAnalyzer (class in zigzi.PEAnalyzeTool)
PEInstrument (class in zigzi.PEInstrument)
PEManager (class in zigzi.PEManager)
pop() (zigzi.Stack.Stack method)
print_imports_offset() (zigzi.WindowAPIHelper.WindowAPIHelper method)
push() (zigzi.Stack.Stack method)
R
register_after_indirect_branch() (zigzi.PEInstrument.PEInstrument method)
register_after_relative_branch() (zigzi.PEInstrument.PEInstrument method)
register_after_return() (zigzi.PEInstrument.PEInstrument method)
register_pre_indirect_branch() (zigzi.PEInstrument.PEInstrument method)
register_pre_relative_branch() (zigzi.PEInstrument.PEInstrument method)
register_pre_return() (zigzi.PEInstrument.PEInstrument method)
register_rva_to_relocation() (zigzi.PEManager.PEManager method)
relocation_entry_move_to_appropriate_block() (zigzi.PEManager.PEManager method)
removeInstructionFromMap() (zigzi.PEAnalyzeTool.PEAnalyzer method)
S
save_cfg() (zigzi.PEAnalyzeTool.PEAnalyzer method)
save_instrument_history() (zigzi.PEInstrument.PEInstrument method)
save_local_variable() (zigzi.DataObject.DataObject method)
save_modified_imports() (zigzi.WindowAPIHelper.WindowAPIHelper method)
set_data_at_offset_with_format() (zigzi.CodeManager.CodeManager method)
set_dword_at_rva() (zigzi.PEManager.PEManager method)
set_entry_point() (zigzi.PEManager.PEManager method)
set_instruction_at_offset() (zigzi.CodeManager.CodeManager method)
set_instrument() (zigzi.PEManager.PEManager method)
set_variable_value() (zigzi.DataObject.DataObject method)
simple_indirect_branch_counting_function_call_instrument() (in module zigzi)
simple_indirect_branch_counting_function_instrument() (in module zigzi)
simple_instrument_error_handler() (in module zigzi.SampleReturnVerifier)
simple_instrument_return_address_at_after_branch() (in module zigzi.SampleReturnVerifier)
simple_instrument_return_address_verifier_at_pre_return() (in module zigzi.SampleReturnVerifier)
simple_return_address_save_function() (in module zigzi)
Singleton (class in zigzi.Log)
size (zigzi.DataObject.DataObject attribute)
Stack (class in zigzi.Stack)
T
toDotNode() (zigzi.PEAnalyzeTool.BasicBlock method)
W
WindowAPIHelper (class in zigzi.WindowAPIHelper)
writefile() (zigzi.PEInstrument.PEInstrument method)
writefile() (zigzi.PEManager.PEManager method)
writefile_without_adjust() (zigzi.PEManager.PEManager method)
Z
zigzi (module)
zigzi.CodeManager (module)
zigzi.DataObject (module)
zigzi.DataSegment (module)
zigzi.Disassembler (module)
zigzi.Heap (module)
zigzi.Log (module)
zigzi.PEAnalyzeTool (module)
zigzi.PEInstrument (module)
zigzi.PEManager (module)
zigzi.SampleReturnVerifier (module)
zigzi.Stack (module)
zigzi.WindowAPIHelper (module)