binwalk
ghidra
Our great sponsors
binwalk | ghidra | |
---|---|---|
29 | 126 | |
10,124 | 47,446 | |
1.2% | 2.2% | |
0.0 | 10.0 | |
24 days ago | 3 days ago | |
Python | Java | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
binwalk
- HTB - Pilgrimage Writeup
-
Is it possible to extract firmware through a USB-C cable
https://github.com/ReFirmLabs/binwalk/wiki/Quick-Start-Guide here's how to extract firmware
-
Mounting 20-year-old OpenBSD drive under macOS?
If you can get them attached to something, I wouldn’t bother trying to mount then, just dump the contents and use something inker binwalk to figure things out and see if it can extract things.
-
Sketchy USB Update
With that said, I'll repeat what i said last post, run binwalker on the image. Nothing that anyone is saying here is probably going to work because that doesn't have any features of an FS image
-
Unknown USB Files - How to view?
Op, run binwalk. Don't just run it though an hex editor, you won't understand anything. It's a forensics tool to analyze unknown binary blobs (much better than gitbash that someone mentioned). It can also unpack these files automatically, there's no better universal tool for it
-
Trying to find hex in bin file
Not sure if it would be easier or not, but you could also use binwalk to find a binary string in a file.
- An unidentified filesystem while analyzing a firmware
- Caffè Italia * 05/02/23
-
Security Advisory: Remote Command Execution in binwalk
Not true, it's still not patched. See https://github.com/ReFirmLabs/binwalk/pull/617
-
Show HN: Unblob – extraction suite for 30+ file formats
Looks nice! Kind of reminds me of binwalk: https://github.com/ReFirmLabs/binwalk
ghidra
-
TryHackMe- Compiled
Let's see what our beloved software reverse engineering framework Ghidra has to show.
-
OpenAI is working with the US military now
Define war machinery. Contributing to Ghidra?
- Ghidra 11.0 Released
-
Dogbolt Decompiler Explorer
Binary Ninja likewise is empty and keeps up just fine as well. It's not a coincidence that the two commercial products that are funding it are both confident enough to put their stuff online like this.
And it's no conspiracy theory or intentional sandbagging, you can see the implementation: https://github.com/decompiler-explorer/decompiler-explorer
and if anyone can improve the other tools performance we'd be happy to accept it. We reached out to the Ghidra devs: https://github.com/NationalSecurityAgency/ghidra/issues/5228 but they didn't have any silver bullets for us either.
-
Show HN: Ghidra Plays Mario
Nice, I'll give it a closer look. My only concern so far is memory hooking (still needed for hardware registers), which on Java side was called by FilteredMemoryState [1]. In memstate.cc it looks like just the simpler MemoryState is implemented [2], and there's no equivalent to MemoryAccessFilter. But it might not be that complicated to add...
[1]: https://github.com/NationalSecurityAgency/ghidra/blob/4561e8...
[2]: https://github.com/NationalSecurityAgency/ghidra/blob/4561e8...
- NSA releases Ghidra version 10.3.3
- Ghidra 10.3.2 released!
- Ghirda 10.3.2 released!
- Debugger Ghidra Class
What are some alternatives?
foremost - Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or directly on a drive. The headers and footers can be specified by a configuration file or you can use command line switches to specify built-in file types. These built-in types look at the data structures of a given file format allowing for a more reliable and faster recovery. Originally developed by the United States Air Force Office of Special Investigations and The Center for Information Systems Security Studies and Research , foremost has been opened to the general public. We welcome any comments, suggestions, patches, or feedback you have on this program. Please direct all correspondence to [email protected].
x64dbg - An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
osx-dictionary - CLI for OSX Dictionary.app
cutter - Free and Open Source Reverse Engineering Platform powered by rizin
unblob - Extract files from any kind of container formats
rizin - UNIX-like reverse engineering framework and command-line toolset.
Wireshark - Read-only mirror of Wireshark's Git repository at https://gitlab.com/wireshark/wireshark. ⚠️ GitHub won't let us disable pull requests. ⚠️ THEY WILL BE IGNORED HERE ⚠️ Upload them at GitLab instead.
r2ghidra - Native Ghidra Decompiler for r2
chipsec - Platform Security Assessment Framework
ret-sync - ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
pfSense - Main repository for pfSense
ghidra-dark - Dark theme installer for Ghidra