binbloom
ghidra
binbloom | ghidra | |
---|---|---|
3 | 126 | |
465 | 48,103 | |
2.4% | 2.4% | |
10.0 | 10.0 | |
over 1 year ago | about 15 hours ago | |
C | Java | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
binbloom
-
small script for quickly finding the base address of a firmware image by matching strings with pointer targets
You can check https://github.com/quarkslab/binbloom which has advanced methods to find base addresses.
-
Short Guide to Loading Legacy U-Boot Images in Ghidra (How to Determine CONFIG_SYS_BASE_ADDR)
Never tried it yet, but heard of it few times, so might worth to give it a try: https://github.com/quarkslab/binbloom
-
MIPS Firmware Reverse Engineering - anyone having any success using Ghidra for this?
Your best bet here is to get the base address nailed down (assuming it’s a flat/monolithic image). There are a handful of utilities floating around (binbloom, basefind2) that use various pointer heuristics to try to guess the base address. There’s also a nice trick detailed in PoC||GTFO that you can use pretty reliably.
ghidra
-
TryHackMe- Compiled
Let's see what our beloved software reverse engineering framework Ghidra has to show.
-
OpenAI is working with the US military now
Define war machinery. Contributing to Ghidra?
https://github.com/NationalSecurityAgency/ghidra
- Ghidra 11.0 Released
-
Dogbolt Decompiler Explorer
Binary Ninja likewise is empty and keeps up just fine as well. It's not a coincidence that the two commercial products that are funding it are both confident enough to put their stuff online like this.
And it's no conspiracy theory or intentional sandbagging, you can see the implementation: https://github.com/decompiler-explorer/decompiler-explorer
and if anyone can improve the other tools performance we'd be happy to accept it. We reached out to the Ghidra devs: https://github.com/NationalSecurityAgency/ghidra/issues/5228 but they didn't have any silver bullets for us either.
-
Show HN: Ghidra Plays Mario
Nice, I'll give it a closer look. My only concern so far is memory hooking (still needed for hardware registers), which on Java side was called by FilteredMemoryState [1]. In memstate.cc it looks like just the simpler MemoryState is implemented [2], and there's no equivalent to MemoryAccessFilter. But it might not be that complicated to add...
[1]: https://github.com/NationalSecurityAgency/ghidra/blob/4561e8...
[2]: https://github.com/NationalSecurityAgency/ghidra/blob/4561e8...
- NSA releases Ghidra version 10.3.3
- Ghidra 10.3.2 released!
- Ghirda 10.3.2 released!
- Debugger Ghidra Class
What are some alternatives?
allyourbase - Finds the base address of a firmware by comparing string addresses with target pointer addresses
x64dbg - An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
BaseAddressDiscoverererer - A python3 script for generating a list of possible base addresses given a raw binary program
cutter - Free and Open Source Reverse Engineering Platform powered by rizin
rizin - UNIX-like reverse engineering framework and command-line toolset.
basefind2 - A faster firmware base address scanner.
r2ghidra - Native Ghidra Decompiler for r2
pocorgtfo - a "Proof of Concept or GTFO" mirror with an extensive index with also whole issues or individual articles as clean PDFs.
ret-sync - ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
ghidra-dark - Dark theme installer for Ghidra
Ghidra-Cpp-Class-Analyzer - Ghidra C++ Class and Run Time Type Information Analyzer