GHSA-jfh8-c2jp-5v3q
ghidra
GHSA-jfh8-c2jp-5v3q | ghidra | |
---|---|---|
9 | 126 | |
- | 47,762 | |
- | 1.7% | |
- | 10.0 | |
- | 2 days ago | |
Java | ||
- | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
GHSA-jfh8-c2jp-5v3q
- GLPI IS NOT affected by the Log4j vulnerability CVE-2021-44228
-
Ghidra 10.1 Released
Includes fix for CVE-2021-44228 (https://github.com/advisories/GHSA-jfh8-c2jp-5v3q)
- Is this something that effects mining machines as well ? Any miner that can enlighten me about this problem?
- Warning for people playing on Minecraft servers. This is important!
- Security Issue - Minecraft 1.18.1 Release Candidate 3 Is Out!
-
WARNING: DO NOT LOG ONTO PUBLIC SERVERS, NEW ZERO-DAY SECURITY VULNERABILITY FOUND FOR 1.7-1.18
GitHub posted an advisory heres the link and proof-of-concept for those of you interested. https://github.com/advisories/GHSA-jfh8-c2jp-5v3q
- Remote code injection in Log4j
- Log4j RCE Found
ghidra
-
TryHackMe- Compiled
Let's see what our beloved software reverse engineering framework Ghidra has to show.
-
OpenAI is working with the US military now
Define war machinery. Contributing to Ghidra?
https://github.com/NationalSecurityAgency/ghidra
- Ghidra 11.0 Released
-
Dogbolt Decompiler Explorer
Binary Ninja likewise is empty and keeps up just fine as well. It's not a coincidence that the two commercial products that are funding it are both confident enough to put their stuff online like this.
And it's no conspiracy theory or intentional sandbagging, you can see the implementation: https://github.com/decompiler-explorer/decompiler-explorer
and if anyone can improve the other tools performance we'd be happy to accept it. We reached out to the Ghidra devs: https://github.com/NationalSecurityAgency/ghidra/issues/5228 but they didn't have any silver bullets for us either.
-
Show HN: Ghidra Plays Mario
Nice, I'll give it a closer look. My only concern so far is memory hooking (still needed for hardware registers), which on Java side was called by FilteredMemoryState [1]. In memstate.cc it looks like just the simpler MemoryState is implemented [2], and there's no equivalent to MemoryAccessFilter. But it might not be that complicated to add...
[1]: https://github.com/NationalSecurityAgency/ghidra/blob/4561e8...
[2]: https://github.com/NationalSecurityAgency/ghidra/blob/4561e8...
- NSA releases Ghidra version 10.3.3
- Ghidra 10.3.2 released!
- Ghirda 10.3.2 released!
- Debugger Ghidra Class
What are some alternatives?
Apache Log4j 2 - Apache Log4j 2 is a versatile, feature-rich, efficient logging API and backend for Java.
x64dbg - An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
tsunami-security-scanner-plugins - This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
cutter - Free and Open Source Reverse Engineering Platform powered by rizin
logging-log4j1 - Apache log4j1
rizin - UNIX-like reverse engineering framework and command-line toolset.
log4shell - Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
r2ghidra - Native Ghidra Decompiler for r2
FizzBuzz Enterprise Edition - FizzBuzz Enterprise Edition is a no-nonsense implementation of FizzBuzz made by serious businessmen for serious business purposes.
ret-sync - ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
terminal-escape-injections - A repository dedicated to terminal escape injections.
ghidra-dark - Dark theme installer for Ghidra