McSema is an executable lifter. It translates (“lifts”) executable binaries from native machine code to LLVM bitcode. It uses the Remill library for disassembly and binary lifting of individual instructions. It uses IDAPro for control-flow graph (CFG) recovery.

Slides

Notes related to McSema binary lifter

Remill binary lifting library

Papers related to McSema binary lifter

• Scalable validation of binary lifters [dasgupta:pldi:2020]