mastodontech.de ist einer von vielen unabhängigen Mastodon-Servern, mit dem du dich im Fediverse beteiligen kannst.
Offen für alle (über 16) und bereitgestellt von Markus'Blog

Serverstatistik:

1,5 Tsd.
aktive Profile

#binaryninja

0 Beiträge0 Beteiligte0 Beiträge heute
Tim Blazytko<p>New <a href="https://infosec.exchange/tags/BinaryNinja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BinaryNinja</span></a> plugin: Obfuscation Analysis</p><p>Simplifies arithmetic obfuscation (MBA) directly in the decompiler (see demo below). Also identifies functions with corrupted disassembly.</p><p>Co-authored by <span class="h-card" translate="no"><a href="https://infosec.exchange/@nicolodev" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nicolodev</span></a></span> ; available in the plugin manager.</p><p>Check it out: <a href="https://github.com/mrphrazer/obfuscation_analysis" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/mrphrazer/obfuscati</span><span class="invisible">on_analysis</span></a></p><p><a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverseengineering</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
hubertf<p>I managed to finally get BYUCTF's pwn/MIPS going. Ghidra gave me a wrong value for __stack_chk_guard and also didn't tell me about it being a pointer. Binary Ninja helped (but had some other issues).</p><p>I have updated my writeup, FWIW: <br><a href="http://www.feyrer.de/redir/BYUCTF2025-Writeup.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">http://www.</span><span class="ellipsis">feyrer.de/redir/BYUCTF2025-Wri</span><span class="invisible">teup.html</span></a></p><p><a href="https://mastodon.social/tags/BYUCTF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BYUCTF</span></a> <a href="https://mastodon.social/tags/ctf" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ctf</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/ghidra" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ghidra</span></a> <a href="https://mastodon.social/tags/binja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>binja</span></a> <a href="https://mastodon.social/tags/binaryninja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>binaryninja</span></a> <span class="h-card" translate="no"><a href="https://infosec.exchange/@binaryninja" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>binaryninja</span></a></span></p>
buherator[RSS] Fixing Decompilation of Stack Clash Protected Binaries<br><br><a href="https://intrigus.org/research/2025/04/15/fixing-decompilation-of-stack-clash-protected-binaries/" rel="nofollow noopener" target="_blank">https://intrigus.org/research/2025/04/15/fixing-decompilation-of-stack-clash-protected-binaries/</a><br><br><a class="hashtag" href="https://infosec.place/tag/ghidra" rel="nofollow noopener" target="_blank">#Ghidra</a> <a class="hashtag" href="https://infosec.place/tag/binaryninja" rel="nofollow noopener" target="_blank">#BinaryNinja</a> <a class="hashtag" href="https://infosec.place/tag/reverseengineering" rel="nofollow noopener" target="_blank">#ReverseEngineering</a>
bdash<p>Crazy thought… what if your decompiled Objective-C code looked like Objective-C code?</p><p>Today's journey: implementing an Objective-C “pseudo-language” view for Binary Ninja.</p><p><a href="https://social.bdash.net.nz/tags/binaryninja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>binaryninja</span></a> <a href="https://social.bdash.net.nz/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverseengineering</span></a> <a href="https://social.bdash.net.nz/tags/objectivec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>objectivec</span></a></p>
bdash<p>My plug-in providing this additional analysis is available at <a href="https://github.com/bdash/bn-objc-extras" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/bdash/bn-objc-extra</span><span class="invisible">s</span></a></p><p><a href="https://social.bdash.net.nz/tags/binaryninja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>binaryninja</span></a> <a href="https://social.bdash.net.nz/tags/objectivec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>objectivec</span></a> <a href="https://social.bdash.net.nz/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverseengineering</span></a></p>
bdash<p>I've been experimenting with improving Binary Ninja's analysis of Objective-C code recently. Having the ability to hide Obj-C runtime reference counting calls, and apply type information based on [super init] and objc_alloc_init calls can dramatically improve the readability (and in some cases even accuracy!) of the decompiled code.</p><p><a href="https://github.com/bdash/bn-objc-extras" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/bdash/bn-objc-extra</span><span class="invisible">s</span></a></p><p><a href="https://social.bdash.net.nz/tags/binaryninja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>binaryninja</span></a> <a href="https://social.bdash.net.nz/tags/objectivec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>objectivec</span></a> <a href="https://social.bdash.net.nz/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverseengineering</span></a></p>
Known Rabbit<p>🔍 Introducing MCP Server for Binary Ninja: Connect your AI assistants directly to <span class="h-card" translate="no"><a href="https://infosec.exchange/@binaryninja" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>binaryninja</span></a></span> for powerful reverse engineering! Get pseudo code, analyze functions, rename symbols, and more—all through the Model Context Protocol. Works with Claude Desktop, Cherry Studio and any other MCP Clients. </p><p><a href="https://github.com/MCPPhalanx/binaryninja-mcp" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/MCPPhalanx/binaryni</span><span class="invisible">nja-mcp</span></a><br><a href="https://infosec.exchange/tags/ReverseEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReverseEngineering</span></a> <a href="https://infosec.exchange/tags/BinaryNinja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BinaryNinja</span></a> <a href="https://infosec.exchange/tags/LLM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LLM</span></a> <a href="https://infosec.exchange/tags/MCP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MCP</span></a> <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a></p>
Tim Blazytko<p>New heuristic in my <a href="https://infosec.exchange/tags/BinaryNinja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BinaryNinja</span></a> plugin obfuscation_detection: </p><p>Duplicated Subgraphs uses iterative context hashing to spot repeated multi-block code. We merge each block’s signature with its successors over multiple rounds for efficiency.</p><p>Link: <a href="https://github.com/mrphrazer/obfuscation_detection" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/mrphrazer/obfuscati</span><span class="invisible">on_detection</span></a></p><p><a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverseengineering</span></a></p>
Blue DeviL // SCT<p>Guys; you should try binary ninja on reversing c++ classes. Look at this writeup from Sean Deaton.</p><p>Gotta RE 'em All: Reversing C++ Virtual Function Tables with Binary Ninja</p><p><a href="https://www.seandeaton.com/gotta-re-em-all-reversing-c-virtual-function-tables-with-binary-ninja/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">seandeaton.com/gotta-re-em-all</span><span class="invisible">-reversing-c-virtual-function-tables-with-binary-ninja/</span></a></p><p><a href="https://infosec.exchange/tags/binaryninja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>binaryninja</span></a> <a href="https://infosec.exchange/tags/binary_ninja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>binary_ninja</span></a> <a href="https://infosec.exchange/tags/binary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>binary</span></a> <a href="https://infosec.exchange/tags/ninja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ninja</span></a> <a href="https://infosec.exchange/tags/reversing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reversing</span></a> <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverseengineering</span></a> <a href="https://infosec.exchange/tags/cpp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cpp</span></a></p>
ITSEC News<p>“Unstripping” binaries: Restoring debugging information in GDB with Pwndbg - By Jason An<br>GDB loses significant functionality when debugging binaries that lack ... <a href="https://blog.trailofbits.com/2024/09/06/unstripping-binaries-restoring-debugging-information-in-gdb-with-pwndbg/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.trailofbits.com/2024/09/0</span><span class="invisible">6/unstripping-binaries-restoring-debugging-information-in-gdb-with-pwndbg/</span></a> <a href="https://schleuss.online/tags/applicationsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>applicationsecurity</span></a> <a href="https://schleuss.online/tags/internshipprojects" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>internshipprojects</span></a> <a href="https://schleuss.online/tags/binaryninja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>binaryninja</span></a> <a href="https://schleuss.online/tags/go" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>go</span></a></p>
Cindʎ Xiao 🍉 8964 36<p>I wrote a quick Binary Ninja script to recover source file paths, line numbers, and column numbers from panic information embedded in Rust binaries, and I love how in binja you can set the icon for custom user tags to any emoji you want lol 😱</p><p><a href="https://infosec.exchange/tags/rust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rust</span></a> <a href="https://infosec.exchange/tags/rustlang" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rustlang</span></a> <a href="https://infosec.exchange/tags/binaryninja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>binaryninja</span></a> <a href="https://infosec.exchange/tags/ReverseEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReverseEngineering</span></a></p>
Jimmy Wylie<p>Still thinking about UIs re: <a href="https://infosec.exchange/tags/IDA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IDA</span></a> and <a href="https://infosec.exchange/tags/Ghidra" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ghidra</span></a> and even Binja to some extent (although I've used it alot comparatively), and how UIs are def a product of their time.<br>IDA's UI makes sense if you consider it started as command line tool with like DOS style short cut keys back in like 1991.</p><p>I don't actually know when Ghidra dev originally started, but given what it can do, I imagine it's the same age, or maybe just a few years younger than IDA. Java Swing (or what became swing), came out in 1997. It wouldn't surprise me if this is around when Ghidra dev started.</p><p>So Ghidra's UI, and it's focus on GUI actions first (vs the keyboard like IDA), makes a lot sense if you consider the popularity of Java with the gov't and also the popularity of newfangled GUI apps with Swing.</p><p><a href="https://infosec.exchange/tags/BinaryNinja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BinaryNinja</span></a> came out around 2016. I don't know what they use under the covers for their GUI, but it's really not surprising that of the three tools, Binja's UI looks the slickest.</p>
ADMIN magazine<p>Did you miss ADMIN Update this week? Read it here and subscribe to get it free every Wednesday <a href="https://mailchi.mp/admin-magazine/admin-update-binary-cyberattack-analysis" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mailchi.mp/admin-magazine/admi</span><span class="invisible">n-update-binary-cyberattack-analysis</span></a> <a href="https://hachyderm.io/tags/cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattack</span></a> <a href="https://hachyderm.io/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://hachyderm.io/tags/BinaryNinja" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BinaryNinja</span></a> <a href="https://hachyderm.io/tags/NIST" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NIST</span></a> <a href="https://hachyderm.io/tags/cloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloud</span></a> <a href="https://hachyderm.io/tags/Kubuntu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubuntu</span></a> <a href="https://hachyderm.io/tags/laptop" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>laptop</span></a> <a href="https://hachyderm.io/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://hachyderm.io/tags/monitoring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monitoring</span></a> <a href="https://hachyderm.io/tags/OpenStack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenStack</span></a> <a href="https://hachyderm.io/tags/MicroVMs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MicroVMs</span></a> <a href="https://hachyderm.io/tags/jobs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>jobs</span></a> <a href="https://hachyderm.io/tags/events" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>events</span></a></p>