| | ghidra-scripts | cutter |
|---|---|---|
| | 49 | 39 |
| Stars | 213 | 15,023 |
| Growth | - | 1.3% |
| Activity | 7.0 | 8.2 |
| | 4 months ago | 11 days ago |
| Language | Java | C++ |
| License | MIT License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ghidra-scripts
- The Hiew Hex Editor
- A Taste of Reverse Engineering - Task 2
- I've figured out what 13 of the 16 enemy flags mean in Ultima V. Help me figure out the last three.
I've got no experience with reverse-engineering executables, but I got a bunch of code-like stuff showing up when I fed ULTIMA.EXE to Ghidra and told it to analyze it with all the flags set.
- Modding SH2
The whole game is written in C++ (game logic intertwined with graphics). Ghidra can help you deconstruct the game binaries, but you need to put in a GREAT great effort to even get a starting point. Cheat Engine has been successful for some purposes, including an AI enabling utility for multiplayer (use with great care!).
- Ask HN: What's the best open source alternative to IDA Pro?
Ghidra: https://ghidra-sre.org/, https://github.com/NationalSecurityAgency/ghidra
- You have probably heard of Temu right?
What I think you’re talking about is reverse engineering. It’s basically taking a program and analysing the compiled code to attempt to find out how it works. It’s a fairly expansive topic, and fairly tricky to do but look at anything to do with Ghidra to get started.
- Asking for clarification ... How is learning C beneficial for becoming a Cyber security expert
Oh also just as an aside Ghidra is a really cool free tool developed by the NSA which can reverse engineer software by looking at its executable and recreating the C code from the instructions and static data within. It's another way to get familiarized with the relationship between C code and the instructions it compiles to.
- Super Smash Bros. Melee HD Port Will "Never Happen," According to Former Nintendo Employees
There exist decompilers and other tools for helping make sense of assembly and that can automate some of the conversion back to higher level languages. In my brief involvement with Slippi I used Ghidra - a tool developed by the NSA, to do some of that kind of work, which I found a little amusing.
- I found an old floppy disk, what does this mean/what should I do?
It's likely a binary file that's improperly being interpreted as Unicode by the text editor. If it's an executable file, you can use Ghidra to disassemble and analyze it. There may also be some interesting ASCII strings that would reveal its purpose. My guess is that it's a Windows version of Unix "tee" program which will write stdin to a file and stdout simultaneously.
- Free Hex Editor
On the other hand, this slick "Ghidra" webpage looks suspicious. It's probably written in Typescript on Electron!
cutter
- The Hiew Hex Editor
Everything Hiew can do, Rizin[1] can do too, and is completely free and open source[2] under the LGPL3 license. Moreover, it supports more architectures, platforms, and file formats, as well as a GUI in Qt - Cutter[3][4]. If something is missing in Rizin but present in Hiew, please let us know by opening an issue with details.
[1] https://rizin.re
[2] https://github.com/rizinorg/rizin
[3] https://cutter.re
[4] https://github.com/rizinorg/cutter
- If you're interested in eye-tracking, I'm interested in funding you
Okay, so, your comment about a "Dasher + Guitar Hero music theory/improvisation practice program" just sent me down a huge rabbit hole...
Well, rabbit hole(s) plural, I guess, most not directly related. :D
Largely because I made the "mistake" of looking at your HN profile & discovering you're also in NZ & we seem to have somewhat overlapping interests (and an affinity for "bacon" in account names, apparently), so, some thoughts[0]... :)
# Topic 1: Nissan Leaf VSP hacking
After reading your recent posts (https://ianrrees.github.io//2023/07/03/vsp-hacking.html & https://ianrrees.github.io//2023/08/05/voltage-glitch-inject...) on this topic & noting your remark about wanting to try reverse engineering a firmware image, I found the following thesis PDF (via a brief google search for `"reverse engineer" "firmware" "Renesas"`):
* "AUTOMOTIVE FIRMWARE EXTRACTION AND ANALYSIS TECHNIQUES" by Jan Van den Herrewegen https://etheses.bham.ac.uk/id/eprint/11516/1/VandenHerrewege...
Not really what I was anticipating finding but seems relevant to your interests--I don't think it was already in your resource list.
While the thesis addresses the Renesas 78K0 rather than the Renesas 78K0R, from a brief look at the "Flash Protection" PDF Application Note in your resource list it seems there's a large overlap.
Perhaps most significantly the author presents "novel methods" that combine bootloader binary analysis with constraint-based power glitching in an effort to improve on the results described in "Shaping the Glitch".
While I haven't read the entire 186 pages :D they theorize that using their approach extracting 8kB firmware might only take ~10 hours.
And, most helpfully, they even published their source code under the GPL here: https://github.com/janvdherrewegen/bootl-attacks
So, an interesting adjacent read even if it turns out not to be directly applicable to your situation.
Given I have an interest in & a little experience with firmware reversing my original thought was to maybe provide some hopefully helpful references that are more generically related to firmware reversing but more specific is good too, I guess. :)
In terms of reverse engineering tooling, I've used Rizin/Cutter/radare2 previously: https://rizin.re https://cutter.re
On the CAN tooling/info front, you might be interested in taking a look at my "Adequate CAN" list which I originally wrote-up for a client a couple years ago: https://gitlab.com/RancidBacon/adequate-can
Some other probably outdated reverse engineering tooling links of mine: https://web.archive.org/web/20200119074540/http://www.labrad...
In terms of how to approach RE, other than just "getting started & digging in" & learning by doing, I've sometimes found it informative to read other people's firmware reverse engineering write-ups to learn about potentially useful approaches/tools.
Anyway, hopefully some of this is helpful!
[0] I have a tendency to be a little... "verbose" and/or "thorough" (depending on one's POV :) ) so I'll probably split this over a couple of comments, in case I run out of steam while writing and for topic separation.
- Veles – A new age tool for binary analysis
In Cutter[1][2] we have an idea to implement the same feature[3] as a plugin, but our priorities lie elsewhere due to the lack of enough hands. Contributions are welcome.
[1] https://cutter.re
[2] https://github.com/rizinorg/cutter
[3] https://github.com/rizinorg/cutter-plugins/issues/3
- Debugger Ghidra Class
- Fq: Jq for Binary Formats
For this kind of task, using low-level debugger tools is probably better. Rizin[1][2]/Cutter[3][4] could help. We also have a GSoC participant this year who works hard on improving debuginfo and debugging support[5]. I personally also like Binary Ninja, they recently made their debugger stable enough[6].
[1] https://rizin.re/
[2] https://github.com/rizinorg/rizin
[3] https://cutter.re/
[4] https://github.com/rizinorg/cutter
[5] https://rizin.re/posts/gsoc-2023-announcement/
[6] https://binary.ninja/2023/05/03/3.4-finally-freed.html#debug...
- Cutter (Reverse Engineering Tool) v2.2.1
- What is this?
Something like https://cutter.re/ or https://www.nirsoft.net/utils/dll_export_viewer.html Could possibly give you some insight. I guess the question though is, what are you trying to do with it?
- Cutter Release 2.2.0
- Dis This: Disassemble Python code online
Rizin[1] (and therefore Cutter[2]) supports interactive disassembly and analysis (but not decompilation) of the Python bytecode[3][4]. Apart from that it also supports Java and Lua bytecode for different versions.
[1] https://rizin.re
[2] https://cutter.re
[3] https://github.com/rizinorg/rizin/tree/dev/librz/asm/arch/py...
[4] https://github.com/rizinorg/rizin/blob/dev/librz/analysis/p/...
-
Stuff like this is why everyone uses scripting languages these days, since the main value prop of high-level languages is their ability to reliably print backtraces.
cutter is quite nice though
What are some alternatives?
frida-rust - Frida Rust bindings
ghidra - Ghidra is a software reverse engineering (SRE) framework
BinAbsInspector - BinAbsInspector: Vulnerability Scanner for Binaries
rz-ghidra - Deep ghidra decompiler and sleigh disassembler integration for rizin
pwndra - A collection of pwn/CTF related utilities for Ghidra
rizin - UNIX-like reverse engineering framework and command-line toolset.
frida-gum - Cross-platform instrumentation and introspection library written in C
r2ghidra - Native Ghidra Decompiler for r2
VulFi - IDA Pro plugin for query based searching within the binary useful mainly for vulnerability research.
efiSeek - Ghidra analyzer for UEFI firmware.
metalbear.co - MetalBear main website
AppImageLauncher - Helper application for Linux distributions serving as a kind of "entry point" for running and integrating AppImages