squid is a RISC-V emulation library with features that make it a powerful tool for vulnerability research and fuzzing.
Unlike other emulators, squid utilizes AOT instead of JIT compilation and allows you to rewrite your target’s code before emulation.
During runtime, you get full control over your target by handling all system calls and other events yourself.
This makes it easy to create and combine new sanitizers and test programs for all kinds of vulnerabilities, not just memory corruptions.
Where to start
Everything in squid starts with the Compiler, so have a look at that.
Examples, a wiki and more…
…can be found in the repository.
What is supported
Binaries compiled with squid's own RISC-V toolchain and this special set of flags:
-fPIE -pie -O0 -g -fno-jump-tables -mno-relax -D__thread=
Features
tui (enabled by default): Enables animations and fancy loading graphics
Modules
- backends: Contains all backends that are provided by squid
- event: Contains the EventPool and other helper structs.
- frontend: The frontend handles everything related to symbolic ELF-loading and the creation of the process image
- kernel: Unstable. Use at your own risk.
- passes: Contains the passes that are provided by squid
- riscv: Provides constants and types that are related to the RISC-V ISA.
- runtime: Contains the Runtime trait.