Played N0PS CTF last weekend.
This is my write-up, with images.
#android #writeup #CTF #native #java #reverse #jeb #decompiler
1/4
So how many of you have used dogbolt.com to take apart someone's code and see (or C) what they are doing?
IDA Pro v9.1 Released. Some highlights:
* Better compression on idb files
* Decompiler improvement on ARM, ARM64, RISCV, PPC
* Time travel debugging now supported on Windbg
* Heaven's gate supported on Windbg plugin
* Pass IDA command line parameters to open_database() function
* No support on Linux ARM64 unfortunately :/
It's out! r2dec-js, a decompiler plugin for radare2 (version 5.9.8), was just released. I already did a recipe to build it on Haiku, but finished this up and merged it at haikuports. You can now use this in Terminal or in the Iaito application.
#HaikuOS #radare2 #radare #r2dec-js #Iaito #decompiler #reverseengineering
@HexRaysSA have announced IDA Pro v9.1 Beta
There are a lot of changes; follow the link for the changelog:
https://docs.hex-rays.com/release-notes/9_1beta
Some highlights:
* Heaven's gate can now be debugged
* Rust version detection
* Improved decompilation on ARM64, RISCV, PPC
* Still no support for Linux ARM
#idapro #disassembler #decompiler #tooloftrade #reversing #reversengineering
I'm surprised at how badly #Ghidra decompiles this very simple function.
It's a syscall 0x57 which is unlink (remove a file).
I'm surprised it decompiles saying it *returns 0x57* ...
Mirror, mirror on the wall, who is the best decompiler of them all? Played around a bit today with the new ghidra, angr-manager and IDA-Free... I think I'll stick with ghidra for now.
#decompiler #ghidra #ida #angr #angrmanager #cybersecurity #ctf
RULECOMPILE - Undocumented Ghidra decompiler rule language
Or “How I got annoyed by a poor decompilation so I unearthed a hidden Ghidra feature”
TLDR: there is an (undocumented and disabled by default) feature in the Ghidra decompiler that lets you create your own decompiler passes, using a custom DSL. I leverage it to write a deobfuscation rule for a simple obfuscation technique.
Story
* Setup - introduction and problem statement
* Decompiler 101 - building and using Ghidra decompiler directly
* RULECOMPILE - a curious #define flag from the decompiler source
* A forgotten language of dragons - reverse-engineering a forgotten code pattern matching DSL
* How to train your dragon - how to write a rule that is actually useful
* Conclusion - parting thoughts
Story setup
It all started with this one missed deobfuscation: