Show HN: COBOL-REKT, a toolkit for analysing and reverse-engineering COBOL
Cobol REKT is a toolkit for reverse engineering legacy Cobol code, offering flowchart generation, Neo4J integration, execution tracing, and static analysis, with planned features for code detection and knowledge integration.
Read original article
Cobol REKT (Cobol Reverse Engineering KiT) is a toolkit aimed at reverse engineering legacy Cobol code, offering several key features. It allows users to generate flowcharts at the program or section level from the Abstract Syntax Tree (AST) in SVG or PNG formats. Additionally, it can create parse trees and control flow trees, which can be exported to JSON. The toolkit integrates code comments into the generated graphs and supports Neo4J for advanced graph analysis by injecting AST and control flow data. It also includes execution tracing capabilities through the SMOJOL interpreter and utilizes OpenAI's language models to summarize nodes. Users can build glossaries of variables and extract capability graphs from program paragraphs. The toolkit depends on various libraries, including Eclipse Che4z for Cobol grammar and Graphviz for flowchart generation. It is useful for static analysis, visualizing control flows, identifying dead code, and generating capability maps. Planned features include similar code detection and domain knowledge integration. Built with Java and Python, it requires JDK 21 for building, with detailed instructions available in the repository for usage and API access. This toolkit is particularly beneficial for developers and engineers working with legacy Cobol systems, enhancing their ability to analyze and understand complex codebases.
- Cobol REKT is designed for reverse engineering legacy Cobol code.
- Key features include flowchart generation, Neo4J integration, and execution tracing.
- The toolkit supports static analysis and visualization of control flows.
- It relies on libraries like Eclipse Che4z and Graphviz.
- Planned features include similar code detection and domain knowledge integration.
Related
Korvus: Single-Query RAG with Postgres
Korvus is a search SDK merging RAG pipeline into a Postgres query, using Python, JavaScript, and Rust bindings. It streamlines search processes, minimizes infrastructure needs, and offers detailed documentation on GitHub.
Boosting Compiler Testing by Injecting Real-World Code
The research introduces a method to enhance compiler testing by using real-world code snippets to create diverse test programs. The approach, implemented in the Creal tool, identified and reported 132 bugs in GCC and LLVM, contributing to compiler testing practices.
rr – record and replay debugger for C/C++
RR is a C/C++ debugging tool for Linux, enhancing gdb by enabling deterministic recording and replay of failures, supporting various applications like Firefox, with low overhead and a chaos mode.
Red Team Tools Collection
The Red Teaming Toolkit on GitHub provides open-source security tools for adversary simulation and threat hunting, covering areas like reconnaissance, initial access, delivery, and more, under a CC0 license.
Coq will be renamed into 'The Rocq Prover'
Coq, a formal proof management system for mathematical proofs and programming language certification, will be renamed "The Rocq Prover" by late 2024, with community support and a dedicated Stack Exchange site.
7 commentsIf someone built a tool to translate the AST generated by this into one of these newer theorem-proving dependently-typed languages (examples: Idris/Idris2 come to mind, but also the Coq/Rocq theorem prover, Agda, Lean), would it be theoretically possible to not only translate this code into a newer language but also suss out bugs and literally prove correctness? (Given how important some of this COBOL code seems to be, such as at Medicare)
I know that one of the risks of changing the language that logic and computation is written in is unexpectedly changing the behavior or introducing new bugs; wondering if this might mitigate or almost entirely prevent that
The only thing I've used like it recently was OQL (Object Query Language) for querying the Java heap.
I remember Intellij had some static dataflow analysis and I do miss it working in RubyMine.
This moves the focus from Cobol specific tools to Cobol agnostic tools.
Related
Korvus: Single-Query RAG with Postgres
Korvus is a search SDK merging RAG pipeline into a Postgres query, using Python, JavaScript, and Rust bindings. It streamlines search processes, minimizes infrastructure needs, and offers detailed documentation on GitHub.
Boosting Compiler Testing by Injecting Real-World Code
The research introduces a method to enhance compiler testing by using real-world code snippets to create diverse test programs. The approach, implemented in the Creal tool, identified and reported 132 bugs in GCC and LLVM, contributing to compiler testing practices.
rr – record and replay debugger for C/C++
RR is a C/C++ debugging tool for Linux, enhancing gdb by enabling deterministic recording and replay of failures, supporting various applications like Firefox, with low overhead and a chaos mode.
Red Team Tools Collection
The Red Teaming Toolkit on GitHub provides open-source security tools for adversary simulation and threat hunting, covering areas like reconnaissance, initial access, delivery, and more, under a CC0 license.
Coq will be renamed into 'The Rocq Prover'
Coq, a formal proof management system for mathematical proofs and programming language certification, will be renamed "The Rocq Prover" by late 2024, with community support and a dedicated Stack Exchange site.