Binary Ninja

@binaryninja@infosec.exchange
1.1K Followers
790 Following
379 Posts
Makers of fine reverse engineering tools and technologies.
Web: https://binary.ninja/
Twitter: https://twitter.com/vector35
YouTube: https://youtube.com/@Vector35

Long time, no stream! Join Jordan and several other Binary Ninjas to see the next batch of features coming to stable release 5.1!

Going live in 1 hr today, June 24th at 5pm ET:

https://www.youtube.com/@vector35/live

The DWARF debug format is well-known for debugging executables,
but it is also an effective format for sharing reverse engineering information
across various tools, such as IDA, BinaryNinja, Ghidra, and Radare2.

In this blog post, I introduce a new high-level API in LIEF that allows the
creation of DWARF files. Additionally, I present two plugins designed to export
program information from Ghidra and BinaryNinja into a DWARF file.

https://lief.re/blog/2025-05-27-dwarf-editor/

(Bonus: The blog post includes a DWARF file detailing my reverse engineering work on DroidGuard)

Our colleagues at Aarno Labs have published a follow-up addressing vulnerabilities in production stripped binaries, even if the vendor doesn't fix them themselves. This is related to our collaboration through the ARPA-H DIGIHEALS program. More details can be found here: https://www.aarno-labs.com/blog/post/high-assurance-remediation-of-cve-2024-12248/
High-Assurance Remediation of CVE-2024-12248

This post demonstrates how CodeHawk enables high-assurance patching of vulnerabilities in stripped binaries without manual binary editing. We detail the remediation of CVE-2024-12248 in the Contec CMS 8000 Patient Monitor by lifting the firmware to semantically validated C code, applying idiomatic fixes directly on the C code, and automatically synthesizing precise binary-level patches. We evaluate two patch strategies, highlighting the trade-off between broader input filtering and minimal behavioral change, with CodeHawk proving that both eliminate the buffer-overflow vulnerability.

Binary Ninja 5.0 adds support for new architectures: MIPS3 in all paid editions and C-SKY ABIv1 in Ultimate. Bonus: C-SKY ABIv1 is nearly identical to M-CORE, so Ultimate users get both with one update. https://binary.ninja/2025/04/23/5.0-gallifrey.html#new-architectures
Binary Ninja - 5.0 Gallifrey

Binary Ninja is a modern reverse engineering platform with a scriptable and extensible decompiler.

Binary Ninja
With 5.0, we’re open sourcing one of the oldest components of Binary Ninja: the Shellcode Compiler. It’s powered countless Compile C Source dialogs over the years, and now it’s yours to tinker with. Long term, we’re eyeing LLVM as a modern replacement. https://binary.ninja/2025/04/23/5.0-gallifrey.html#shellcode-compiler-open-sourced https://github.com/vector35/scc
Ever search in binaries? Check out the new Advanced Binary Search in 5.0. Our latest blog post shows how it makes searching easier and faster: https://binary.ninja/2025/05/09/advanced-binary-search.html
Binary Ninja - Advanced Binary Search: Finding Needles in Binary Haystacks

Binary Ninja 5.0 brings big updates to the debugger: a cleaner adapter settings UI, smarter analysis that won’t slow down your session, and new backends including rr and Corellium. Faster and more flexible debugging, whether local or remote! https://binary.ninja/2025/04/23/5.0-gallifrey.html#debugger
Binary Ninja 5.0 significantly enhances general decompilation and analysis with automatic stack array and structure detection, union type support, and Itanium RTTI for C++ reversing on non-Windows systems! Check it out here: https://binary.ninja/2025/04/23/5.0-gallifrey.html#analysis https://github.com/Vector35/binaryninja-api/issues/2570
We have been working with our friends over at Aarno Labs as part of the ARPA-H DIGIHEALS program. They wrote up a blog post detailing a vulnerability in the Contec CMS 8000 Patient Monitor. Check it out!
https://www.aarno-labs.com/blog/post/discovery-and-analysis-of-cve-2024-12248/
Discovery and Analysis of CVE-2024-12248

This post demonstrates how CodeHawk can be employed to discover and understand vulnerabilities in stripped binaries with high-assurance automation. We focus on our discovery, analysis, and disclosure of CVE-2024-12248, a high-severity vulnerability in the Contec CMS 8000 Patient Monitor. CodeHawk's automated memory safety analysis is applied to the lifting of a stripped firmware binary from the device. The analysis output flags the buffer-overflow vulnerability as an attacker-controlled violation. CodeHawk also demonstrates that the overflow is completely unbounded, enabling remote code execution on the device.

Binary Ninja 5.0 has major upgrades for firmware analysis! Firmware Ninja is now built into Ultimate, with entropy analysis, memory insights, and automatic board detection. Hex formats like IHEX and SREC are now supported natively, and SVD file loading includes full structure and comment support. https://binary.ninja/2025/04/23/5.0-gallifrey.html#firmware