New version of my #binaryninja to identify obfuscated code. Besides major performance improvements it includes a new heuristic to detect frequently called functions which identifies string decryption and API hashing routines in #malware.

Code: https://github.com/mrphrazer/obfuscation_detection

I have released a new version of PCDump-bn. In this new release, a new folder will be created within the provided directory each time the plugin is run, allowing better organization and avoiding mixing or overwriting of existing dumped files.
#BinaryNinja #Reversing #RE #vulnerability #research

https://github.com/AsherDLL/PCDump-bn/releases

New blog post and updated #binaryninja plugin: "Statistical Analysis to Detect Uncommon Code" We use statistics to identify obfuscation in an #Anticheat, a mobile DRM, a #Windows kernel module & #malware. We also dig into the obfuscation and analyze what we pinpointed.

Link: https://synthesis.to/2023/01/26/uncommon_instruction_sequences.html

Code: https://github.com/mrphrazer/obfuscation_detection

Oh FML, I managed to lose my #BinaryNinja installer while migrating hard drives🤦‍♀️
Anyone happen to randomly have the Windows installer for the latest dev branch release of 2.x from before March 23rd 2021?

Vector35 doesn't (understandably) offer downloads for expired licensees.

(boosts appreciated if you think your followers might be packrats :D) #help

I'm super excited - got approval for Binary Ninja at work! I've been wanting to try it out for a while but haven't had the opportunity to do any real work with it. looking forward to REing in the new year!

#ReverseEngineering #BinaryNinja

I wrote this plugin to dump the Psuedo C (generated by Binary Ninja's decompiler) of a given binary into a folder:

Feedback is welcome! :ablobcatbongokeyboard:​
#Security #BinaryNinja #Reversing #RE #reverseengineering #Decompiler #Binja

https://github.com/AsherDLL/PCDump-bn

I wrote this plugin to dump the Psuedo C (generated by Binary Ninja's decompiler) of a given binary into a folder:

Feedback is welcome! :ablobcatbongokeyboard:​
#Security #BinaryNinja #Reversing #RE #reverseengineering #Decompiler #Binja

https://github.com/AsherDLL/PCDump-bn

Manticore GUIs made easy - By Wong Kok Rui, National University of Singapore
Trail of Bits maintains Manticor... https://blog.trailofbits.com/2022/12/13/manticore-gui-plugin-binary-ninja-ghidra/ #symbolicexecution #binaryninja #manticore #ghidra

(opinionated) intro series to software reverse engineering by
@withzombies

Part 1: https://margin.re/2021/11/an-opinionated-guide-on-how-to-reverse-engineer-software-part-1/
Part 2: https://margin.re/2022/11/an-opinionated-guide-on-how-to-reverse-engineer-software-part-2/

#reverseengineering #infosec #hacking #binaryninja #cybersecurity

For binary-only emulation in #LibAFL qemu, you can now dump DrCov traces to see in #idapro (lighthouse), #binaryninja (bncov), or #ghidra (dragondance) which paths the executions took.

This helps you understand where your fuzzer gets stuck, develop the harness further, and reach greater depth in the binary, eventually.

Binary-only modes of #AFLplusplus ( #qemu / #frida ) and libafl_frida also support DrCov output, already.

#fuzzing #fuzzingTips
https://github.com/AFLplusplus/LibAFL/pull/878

Look out! Divergent representations are everywhere! - By Andreas Kellas
Trail of Bits recently published a blog post about a signed inte... https://blog.trailofbits.com/2022/11/10/divergent-representations-variable-overflows-c-compiler/ #internshipprojects #researchpractice #uncategorized #binaryninja #codeql

RT @seeinglogic@twitter.com

Happy to share Ariadne (https://github.com/seeinglogic/ariadne) a #binaryninja plugin I wrote to combine an interactive proximity view, static analysis, graph workflows (like source → sink), and coverage analysis!

Live on the BN plugin manager now 🥷

🐦🔗: https://twitter.com/seeinglogic/status/1587519726183481344

I did something 😌​
#BinaryNinja

MUI: Visualizing symbolic execution with Manticore and Binary Ninja - By Alan Chang, University of Oxford
During my summer internship, I had the wonderf... https://blog.trailofbits.com/2021/11/17/mui-visualizing-symbolic-execution-with-manticore-and-binary-ninja/ #internshipprojects #symbolicexecution #binaryninja #manticore

Revisiting 2000 cuts using Binary Ninja’s new decompiler - It’s been four years since my blog post “2000 cuts with Binary Ninja.” Back then, Binary Ninja was i... more: https://blog.trailofbits.com/2020/04/17/revisiting-2000-cuts-using-binary-ninjas-new-decompiler/ #binaryninja #exploits