New #BinaryNinja plugin: ReverserAI. It uses local large language models (LLMs) to derive semantically meaningful function names from decompiler output, demonstrating the potential of local LLMs to support reverse engineering on consumer hardware. Link:

Interesting reading on reversing a custom Instruction Set Architecture (ISA) using Binary Ninja (37C3 CTF).Credits Thomas Imbert (@Synacktiv). #cybersecurity #reverseengineering #binaryninja

🧠 Top Reverse Engineering Tools Every Cybersecurity Researcher Should Know 🔍🛠️. #ReverseEngineering #CyberSecurityTools #InfoSec #MalwareAnalysis #EthicalHacking #Ghidra #IDAPro #BinaryNinja #EducationOnly #RedTeamTools #CyberAwareness

I really like this tool; it is a web interface which allows to decompile a sample and to directly obtain the result in the web page. You have IDA, Ghidra, BinaryNinja, RETdec and many more! And on top of that the code is opensource! 🔍.

I bought BinaryNinja

New version of my #binaryninja plugin to detect interesting code in binaries. I've added a new heuristic to detect simple XOR decryption loops. It can identify string decryption routines, code decryption stubs and cryptographic implementations. Code:

hype hype hype 🔥🔥🔥 this is a fantastic add for us windows REs #binaryninja @vector35

New major release of my #BinaryNinja plugin obfuscation_detection: Additional to code detection heuristics to explore unknown binaries, it now also includes analysis helpers such as entropy computation to detect packed/encrypted code & data. Code:

My new blog post introduces a heuristic based on call frequency to identify API functions in statically-linked executables & embedded firmware. It also detects API hashing routines in PlugX malware. Link: #binaryninja plugin:

Anyone tried Ethersplay?.Does it still work?.Don't wanna buy BinaryNinja just to see it's no longer supported or smth.

Ok, obviously MIPS16e isn't getting enough love from Ghidra and IDA. I doubt binaryninja supports MIPS16e at all. Also unicorn doesn't support it at all. Not to mention baby and nanomips, where the situation is even worse.

New #BinaryNinja plugin: Obfuscation Analysis. Simplifies arithmetic obfuscation (MBA) directly in the decompiler (see demo below). Also identifies functions with corrupted disassembly. Co-authored by @nicolodev; available in the plugin manager.

New version of my #binaryninja to identify obfuscated code. Besides major performance improvements it includes a new heuristic to detect frequently called functions which identifies string decryption and API hashing routines in #malware. Code:

working with binaryninja on an single ASAN output, of a sophisticated framework.

Recent updates to IDA Pro 9 and Binaryninja 4.1 "broke" some functionality with the tools bindiff/binexport which are used by reverse engineers for binary diffing. I am sure the maintainers will incorporate some fixes for these tools but in the meantime, I am releasing my

#100DaysofYARA Day 19 they're not all winners! But what I love about BinaryNinja is that a lowly analyst like me with no dev experience can create a quick little snippet to try and mine out all unnamed functions as YARA rules. crude: yes.effective: eh? . but have to try it right?

Binary Ninja Edit.#binaryninja.

Simple and clean BinaryNinja integration with Ollama to rename functions and variables via LLM:.

New version of my #BinaryNinja plugin obfuscation_detection. New features detect:.* RC4 implementations (KSA + PRGA).* functions with a high loop frequency (potential performance bottlenecks).* irreducible loops (aggressive optimizations & obfuscation).