#1235: started updating angr

OWASP · Jul 19, 2019 · 72456a2 · 72456a2
1 parent 4a8e4e1
commit 72456a2
Showing 1 changed file with 5 additions and 3 deletions.
diff --git a/Document/0x05b-Basic-Security_Testing.md b/Document/0x05b-Basic-Security_Testing.md
@@ -754,20 +754,22 @@ Please note that Xposed, as of early 2019, does not work on Android Pie yet.
 
 ##### Angr
 
--- ToDo: <https://github.com/OWASP/owasp-mstg/issues/1235>
+Angr is a Python framework for analyzing binaries. It is useful for both static and dynamic symbolic ("concolic") analysis. In other words: given a binary and a requested state, Angr will try to get to that to the requested state in the binary, using formal methods to find a path, as well as brute forcing. This can make reverse-engineerig "I just want a solution style" - way easier than with for instance IDA Pro, Radare2, or Ghidra. Angr operates on the VEX intermediate language and comes with a loader for ELF/ARM binaries, so it is perfect for dealing with native Android binaries.
 
-Angr is a Python framework for analyzing binaries. It is useful for both static and dynamic symbolic ("concolic") analysis. Angr operates on the VEX intermediate language and comes with a loader for ELF/ARM binaries, so it is perfect for dealing with native Android binaries.
+Angr allows for disassempbly, program instrumentation, symbolic execution, control-flow analysis, data-dependency analysis, decompilation and more, given a large set of plugins.
 
 Since version 8 Angr is based on Python 3, and it's available from PyPI. With pip, it's easy to install on \*nix operating systems and Mac OS:
 
 ```shell
-$ pip install angr
+$ mkvirtualenv --python=$(which python3) angr && python -m pip install angr
 ```
 
 Creating a dedicated virtual environment with Virtualenv is recommended because some of its dependencies contain forked versions Z3 and PyVEX, which overwrite the original versions. You can skip this step if you don't use these libraries for anything else.
 
 Comprehensive documentation, including an installation guide, tutorials, and usage examples is available on [Gitbooks page of angr](https://docs.angr.io/ "angr"). A complete [API reference](https://angr.io/api-doc/ "angr API") is also available.
 
+
+
 ### Basic Testing Operations
 
 #### Accessing the Device Shell