#BinaryNinja

2025-06-01

My PR to Binary Ninja to provide a “Pseudo Objective-C” representation of decompiled code was merged and is available in the latest 5.1-dev builds. For best results, use in conjunction with github.com/bdash/bn-objc-extra to hide Obj-C memory management noise and propagate more type information.

#binaryninja #reverseengineering #objectivec
social.bdash.net.nz/@mrowe/114

2025-05-25

New #BinaryNinja plugin: Obfuscation Analysis

Simplifies arithmetic obfuscation (MBA) directly in the decompiler (see demo below). Also identifies functions with corrupted disassembly.

Co-authored by @nicolodev ; available in the plugin manager.

Check it out: github.com/mrphrazer/obfuscati

#reverseengineering #malware #cybersecurity

2025-05-23

#binaryninja doing the math for me

hubertfhubertf
2025-05-20

I managed to finally get BYUCTF's pwn/MIPS going. Ghidra gave me a wrong value for __stack_chk_guard and also didn't tell me about it being a pointer. Binary Ninja helped (but had some other issues).

I have updated my writeup, FWIW:
feyrer.de/redir/BYUCTF2025-Wri

@binaryninja

2025-05-07

Crazy thought… what if your decompiled Objective-C code looked like Objective-C code?

Today's journey: implementing an Objective-C “pseudo-language” view for Binary Ninja.

#binaryninja #reverseengineering #objectivec

Before: Decompilation of Objective-C code with minimal language-specific analysisAfter: Decompiled Objective-C code with language-specific analysis and transformations applied, displayed as pseudo-Objective-C
2025-05-05

My plug-in providing this additional analysis is available at github.com/bdash/bn-objc-extra

#binaryninja #objectivec #reverseengineering

2025-05-05

I've been experimenting with improving Binary Ninja's analysis of Objective-C code recently. Having the ability to hide Obj-C runtime reference counting calls, and apply type information based on [super init] and objc_alloc_init calls can dramatically improve the readability (and in some cases even accuracy!) of the decompiled code.

github.com/bdash/bn-objc-extra

#binaryninja #objectivec #reverseengineering

Before: decompilation of an Objective-C class initializer showing the results given by Binary Ninja out of the box. Retain / release calls clutter the function and the lifted code that initializes instance variables does not make any sense due to missing type information.After: Decompilation of the same function, but with retain / release calls removed and the type of [super init] propagated to the local variable. As a result, access to instance variables are correctly recognized and field names are displayed.Before: decompilation of an Objective-C function showing the results given by Binary Ninja out of the box. Reference counting function calls clutter the code so much that it’s hard to see the actual structure of the code.After: The same Objective-C function but with reference counting function calls hidden. The structure of the function is clear!
2025-04-08

🔍 Introducing MCP Server for Binary Ninja: Connect your AI assistants directly to @binaryninja for powerful reverse engineering! Get pseudo code, analyze functions, rename symbols, and more—all through the Model Context Protocol. Works with Claude Desktop, Cherry Studio and any other MCP Clients.

github.com/MCPPhalanx/binaryni
#ReverseEngineering #BinaryNinja #LLM #MCP #AI

2025-04-07

At @recon , @nicolodev and I discuss the current state of MBA (de)obfuscation and their applications. We’ll also introduce a new #BinaryNinja plugin for simplifying MBAs in the decompiler.

Details: cfp.recon.cx/recon-2025/featur

I'll also give a training: recon.cx/2025/trainingSoftware

#reverseengineering #malware

2025-03-14

New heuristic in my #BinaryNinja plugin obfuscation_detection:

Duplicated Subgraphs uses iterative context hashing to spot repeated multi-block code. We merge each block’s signature with its successors over multiple rounds for efficiency.

Link: github.com/mrphrazer/obfuscati

#reverseengineering

2025-03-09

A 🦄 is coming soon to #BinjaExtras

#binaryninja

Daniel Roethlisbergerdroe@infosec.exchange
2024-12-26

Released Binja Apple Blocks Plugin 0.4.0, adding support for generic helper info on block descriptors.

github.com/droe/binja-blocks/r

#binaryninja #binja #reverseengineering #apple #ios #macos

2024-12-07

Created my first #BinaryNinja plugin - it helps apply API function prototypes to variables based upon the variable name. Hopefully it gets accepted into the community repo soon (already submitted the issue requesting the addition)

github.com/xorhex/binjaextras

Thanks again @cxiao for the suggestion and code snippet to add the type lib if not found!

2024-11-29

Guys; you should try binary ninja on reversing c++ classes. Look at this writeup from Sean Deaton.

Gotta RE 'em All: Reversing C++ Virtual Function Tables with Binary Ninja

seandeaton.com/gotta-re-em-all

#binaryninja #binary_ninja #binary #ninja #reversing #reverseengineering #cpp

2024-11-08

@binaryninja

1. I think this is my favourite: Auto (more meaningful ) rename. Guys it is really annoying and hard to understand renamed registers in decompiler output:
github.com/Vector35/binaryninj

2. This is waiting for 2 years (I thought that would be more easy to implement):
github.com/Vector35/binaryninj

3. GCC/Clang RTTI analysis
github.com/Vector35/binaryninj

4. Peter himself opened this one 4 years ago (yes 4 years)
github.com/Vector35/binaryninj

5. Trivial but that would be nice (Hex Rays can do this on windows binaries but cannot do on Linux binaries)
github.com/Vector35/binaryninj

6. Peter also agreed that we need this:
github.com/Vector35/binaryninj

7. OK last one:
github.com/Vector35/binaryninj

#binaryninja #enhancement #development #cpp

2024-11-08

Going to make this into a #binaryninja plugin soon, but if you want to apply a Windows API type to a variable (tested in the binaryview MLIL):

- Load this script
```
def apply_type():
t = bv.import_library_object(current_variable.name)
if t is not None:
new_type = f'{t.get_string_before_name()} (* {current_variable.name}) {t.get_string_after_name()}'
current_variable.type = new_type
else:
print(f'Type not found for {current_variable.name}')
```

- Change the variable name to match the windows API call being made

- Select the variable in the binaryview and run this in the python console: `apply_type()`

This is useful for when malware dynamically resolves API calls.

2024-09-06

“Unstripping” binaries: Restoring debugging information in GDB with Pwndbg - By Jason An
GDB loses significant functionality when debugging binaries that lack ... blog.trailofbits.com/2024/09/0 #applicationsecurity #internshipprojects #binaryninja #go

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst