PyQBDI is a set of bindings of QBDI for python. You can use them like any python library or like a preloaded library (with LD_PRELOAD or DYLD_INSERT_LIBRARIES).
PyQBDI offers you a way to script your instrumentation, allowing a fast and easy way to design tools. It also lets you interact with python environment, so you can for example, post process any data you collected during the instrumentation.
PyQBDI is available on Pypi and can be installed with the following command:
pip install --user PyQBDI
If you use PyQBDI like a preloaded library, the library has the same limitations as QBDIPreload which are describred in QBDIPreload. Additionnaly, the shared library libpython3.x.so must be installed (it is not included within the python package in some linux distribution).
It is not possible to instrument a python process using PyQBDI because there will be a conflict between the host and the guest both trying to use the python runtime as described in Limitations. We would recommend directly using QBDIPreload.
Only python3 is supported. If you want to use python2, please use QBDI 0.7.0.
A version 32 bits of python is needed for PyQBDI in x86.
We provide examples along with the API documentation in the following sections.