RE//verse 2025: Pyda: Write dynamic binary analysis tools in Python (Andrew Haberlandt)

RE-verse Conference, 3 weeks ago

Slides: https://f.fastb.in/pyda-reverse.pdf

Repo: https://github.com/ndrewh/pyda

Dynamic instrumentation frameworks such as Frida, Intel PIN, and DynamoRIO allow reverse-engineers to observe and modify program behaviors at runtime, but are difficult for non-experts to use. This talk introduces Pyda — a framework for writing dynamic instrumentation tools in a few short lines of Python. Pyda extends the familiar pwntools-style interface with runtime “hooks” that can modify registers and memory or redirect execution. We describe how we built performant and user-friendly dynamic instrumentation on top of DynamoRIO — and how you can use it to analyze complex, multithreaded applications on x86 and ARM64. We show how to replace existing debugging (e.g. GDB scripting) and instrumentation workflows with Pyda scripts, and how we used Pyda to solve a recent CTF challenge. Finally, we show how Pyda’s built-in compiler can inline complex, performance-sensitive instrumentation.
