LLVMParty

LLVMParty / striga

Public

Striga is an experimental lifter from x86_64 to LLVM IR written in Python.

secret.club20260521striga.html llvm reverse-engineering
31
2
69% credibility
Found May 22, 2026 at 31 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

Striga is an experimental tool that converts x86-64 machine code from compiled programs into LLVM IR (an intermediate representation). It works by disassembling binary instructions, following program execution paths, and translating them into structured code that preserves the original logic. The project includes utilities for lifting Windows executables, optimizing the results, and analyzing protected software. It's designed for binary analysis, reverse engineering research, and understanding how compiled code behaves.

How It Works

1
🔍 You have compiled code you want to understand

Maybe you're debugging a program, analyzing software behavior, or studying how something works under the hood.

2
💡 You discover a tool that can translate machine code

This project takes binary instructions and converts them into a clearer, analyzable format that humans can read.

3
📁 You point it at your program file

You give it a Windows executable or raw binary, and it reads through the compiled instructions inside.

4
⚙️ The magic happens: translation to readable code

The tool disassembles each instruction, follows the program's flow through different code paths, and converts everything into LLVM IR—a structured representation that preserves the logic.

5
You can optimize and clean up the result

The tool can wrap your lifted code in a friendly interface and run optimization passes to simplify and brighten the output.

6
📝 You examine the translated code

Now you have clean, structured code showing exactly what the original program does—arithmetic, memory operations, branches, and all.

🎉 You understand the program clearly

Whether for security research, debugging, or learning, you now have the program's logic in a form you can read, analyze, and build upon.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 31 to 31 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is striga?

Striga is an experimental lifter that converts x86_64 machine code into LLVM IR. Written in Python, it lets you take raw binary functions and emit clean, optimizable IR that you can then pass through LLVM's optimization pipeline. The project uses Capstone for disassembly and the llvm-nanobind bindings for IR generation. It can lift PE executables directly, handling Windows x64 calling conventions and memory layouts out of the box.

Why is it gaining traction?

The key hook is that you get actual LLVM IR from binaries without writing a full decompiler. Unlike static analysis tools that just give you instruction traces, Striga produces IR you can optimize, analyze with data-flow tools, or compile to native code. The brighten example shows the workflow: lift raw bytes, wrap them in a callable wrapper, then let LLVM optimize away the modeled memory and dead code. For anyone reverse-engineering VM-protected software or analyzing obfuscated binaries, this is significantly faster than writing lifter semantics by hand.

Who should use this?

Binary security researchers analyzing VM-obfuscated code will find the most value here. Reverse engineers who want LLVM IR output for further analysis or recompilation will appreciate the clean pipeline. Malware analysts working with Windows x64 binaries can use the PE container support to lift and analyze functions without rebuilding them from scratch. This is not for general application development.

Verdict

At 31 stars with minimal documentation, Striga is clearly early-stage and experimental. The credibility score of 0.699999988079071% reflects this maturity level. That said, the code is well-structured, the instruction semantics are carefully implemented, and the examples demonstrate real reverse-engineering workflows. If you're working in binary analysis and need LLVM IR output, it's worth exploring despite the rough edges. For production use cases, wait for more community validation and documentation.

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.