Still testing 🤞
For those able to use #BinaryNinja projects; #BinYars can sort the files into folders based upon the #Yara-X rule metadata field, BNFolder. The folder nesting structure is determined by the number of matches that reside under each folder - check out the video below!
For those able to use #BinaryNinja projects; #BinYars can sort the files into folders based upon the #Yara-X rule metadata field, BNFolder. The folder nesting structure is determined by the number of matches that reside under each folder - check out the video below!
October 26, 2025 at 8:27 AM
Still testing 🤞
For those able to use #BinaryNinja projects; #BinYars can sort the files into folders based upon the #Yara-X rule metadata field, BNFolder. The folder nesting structure is determined by the number of matches that reside under each folder - check out the video below!
For those able to use #BinaryNinja projects; #BinYars can sort the files into folders based upon the #Yara-X rule metadata field, BNFolder. The folder nesting structure is determined by the number of matches that reside under each folder - check out the video below!
It's getting close to being done - #BinYars a #YARA-X #BinaryNinja plugin! Still testing, but plan on open sourcing it for all to use.
Shout out to Remco Sprooten for making this tool (also shown in the video) for quickly drafting Yara rules 💪 github.com/1337-42/Simp...
Video: Part 1 of 2
Shout out to Remco Sprooten for making this tool (also shown in the video) for quickly drafting Yara rules 💪 github.com/1337-42/Simp...
Video: Part 1 of 2
October 24, 2025 at 8:22 AM
It's getting close to being done - #BinYars a #YARA-X #BinaryNinja plugin! Still testing, but plan on open sourcing it for all to use.
Shout out to Remco Sprooten for making this tool (also shown in the video) for quickly drafting Yara rules 💪 github.com/1337-42/Simp...
Video: Part 1 of 2
Shout out to Remco Sprooten for making this tool (also shown in the video) for quickly drafting Yara rules 💪 github.com/1337-42/Simp...
Video: Part 1 of 2
The new version of my #BinaryNinja plugin Obfuscation Analysis (v1.2) adds recursive function inlining in the decompiler.
It collapses call-heavy code into a single function; analysis, constant propagation, DCE and other analyses work across boundaries.
github.com/mrphrazer/ob...
It collapses call-heavy code into a single function; analysis, constant propagation, DCE and other analyses work across boundaries.
github.com/mrphrazer/ob...
October 11, 2025 at 3:27 PM
The new version of my #BinaryNinja plugin Obfuscation Analysis (v1.2) adds recursive function inlining in the decompiler.
It collapses call-heavy code into a single function; analysis, constant propagation, DCE and other analyses work across boundaries.
github.com/mrphrazer/ob...
It collapses call-heavy code into a single function; analysis, constant propagation, DCE and other analyses work across boundaries.
github.com/mrphrazer/ob...
Live now exploring the new #BinaryNinja WARP signatures and other 4.2 features! 🥳
#VTuber #ReverseEngineering #CoWorking
twitch.tv/cyberkaida
#VTuber #ReverseEngineering #CoWorking
twitch.tv/cyberkaida
December 14, 2024 at 12:07 AM
Live now exploring the new #BinaryNinja WARP signatures and other 4.2 features! 🥳
#VTuber #ReverseEngineering #CoWorking
twitch.tv/cyberkaida
#VTuber #ReverseEngineering #CoWorking
twitch.tv/cyberkaida
New version of qiling is out!
Made the new contributors list for an IDAPython fix, but have since switched to BinaryNinja 😄 - I still use qiling a fair bit.
github.com/qilingframew...
Made the new contributors list for an IDAPython fix, but have since switched to BinaryNinja 😄 - I still use qiling a fair bit.
github.com/qilingframew...
Release Version 1.4.7 · qilingframework/qiling
What's Changed
since shell script using sh, if [[]] is a bash specific syntax by @xwings in #1370
Update saver_tendaac15_httpd.py by @xwings in #1371
Periodic maintenance PR by @elicn in #1376
fix...
github.com
March 9, 2025 at 9:54 PM
New version of qiling is out!
Made the new contributors list for an IDAPython fix, but have since switched to BinaryNinja 😄 - I still use qiling a fair bit.
github.com/qilingframew...
Made the new contributors list for an IDAPython fix, but have since switched to BinaryNinja 😄 - I still use qiling a fair bit.
github.com/qilingframew...
Very good writeup on how to handle C++ classes using Binary Ninja #binaryninja
Reversing C++ structures can be tricky. Binary Ninja makes it easier. I wrote up a walkthrough to clean up those pesky vtables. @binary.ninja
www.seandeaton.com/gotta-re-em-...
#binaryninja #reverseengineering #ghidra #ida
www.seandeaton.com/gotta-re-em-...
#binaryninja #reverseengineering #ghidra #ida
Gotta RE 'em All: Reversing C++ Virtual Function Tables with Binary Ninja
C++ can be frustrating to reverse engineer. Explore how to reverse engineer those with Binary Ninja.
www.seandeaton.com
November 29, 2024 at 6:19 AM
Very good writeup on how to handle C++ classes using Binary Ninja #binaryninja
Great write up for reversing C++ virtual tables with BinaryNinja by @whatthefuzzvr.bsky.social
www.seandeaton.com/gotta-re-em-...
#reverseEngineering
www.seandeaton.com/gotta-re-em-...
#reverseEngineering
Gotta RE 'em All: Reversing C++ Virtual Function Tables with Binary Ninja
C++ can be frustrating to reverse engineer. Explore how to reverse engineer those with Binary Ninja.
www.seandeaton.com
October 17, 2025 at 4:27 PM
Great write up for reversing C++ virtual tables with BinaryNinja by @whatthefuzzvr.bsky.social
www.seandeaton.com/gotta-re-em-...
#reverseEngineering
www.seandeaton.com/gotta-re-em-...
#reverseEngineering
Those things bug me as well. Binja is not perfect, but over all I’m liking it. Funny you mention rand(); I’ve run into that exact issue before.
#BinaryNinja (in case any BN folks see this 😉)
#BinaryNinja (in case any BN folks see this 😉)
November 29, 2024 at 9:22 PM
Those things bug me as well. Binja is not perfect, but over all I’m liking it. Funny you mention rand(); I’ve run into that exact issue before.
#BinaryNinja (in case any BN folks see this 😉)
#BinaryNinja (in case any BN folks see this 😉)
I just published my #BinaryNinja plugin for deobfuscating level 9, Evil, of the #flareon8 challenge: https://github.com/ZetaTwo/binja-experiments/tree/master/script-flareon8-evil
File not found · ZetaTwo/binja-experiments
Experiments, snippets and other things related to Binary ...
github.com
November 13, 2024 at 8:55 AM
I just published my #BinaryNinja plugin for deobfuscating level 9, Evil, of the #flareon8 challenge: https://github.com/ZetaTwo/binja-experiments/tree/master/script-flareon8-evil
Just wrote my first @vector_35 #BinaryNinja plugin. It adds comments on AVR ldi/sub pairs to display the full 16bit address in one place. So proud!
November 13, 2024 at 12:07 PM
Just wrote my first @vector_35 #BinaryNinja plugin. It adds comments on AVR ldi/sub pairs to display the full 16bit address in one place. So proud!
Nice work! Also like seeing the BinaryNinja screenshots 😄
January 10, 2025 at 2:44 PM
Nice work! Also like seeing the BinaryNinja screenshots 😄
Congrats to @vector35 on the #BinaryNinja 4.0 release.
Love to see that the free version can now load and save ☺️
https://binary.ninja/2024/02/28/4.0-dorsai.html
Love to see that the free version can now load and save ☺️
https://binary.ninja/2024/02/28/4.0-dorsai.html
Binary Ninja - 4.0: Dorsai
Binary Ninja is a modern reverse engineering platform with a scriptable and extensible decompiler.
binary.ninja
December 7, 2024 at 9:41 PM
Congrats to @vector35 on the #BinaryNinja 4.0 release.
Love to see that the free version can now load and save ☺️
https://binary.ninja/2024/02/28/4.0-dorsai.html
Love to see that the free version can now load and save ☺️
https://binary.ninja/2024/02/28/4.0-dorsai.html
I've been experimenting with improving Binary Ninja's analysis of Objective-C. By hiding reference counting calls and applying types based on [super init] and objc_alloc_init calls, the structure of the decompiled code becomes clearer.
github.com/bdash/bn-obj...
#binaryninja #reverseengineering
github.com/bdash/bn-obj...
#binaryninja #reverseengineering
![After: Decompilation of the same function, but with retain / release calls removed and the type of [super init] propagated to the local variable. As a result, access to instance variables are correctly recognized and field names are displayed.](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:2vbhejxyx6mt343q5guzw6k5/bafkreigfb76h3qgi47vgyjxdozhdzaz7lfce34zaucnzfbnkipy4ql3nqy@jpeg)
May 5, 2025 at 3:21 PM
I've been experimenting with improving Binary Ninja's analysis of Objective-C. By hiding reference counting calls and applying types based on [super init] and objc_alloc_init calls, the structure of the decompiled code becomes clearer.
github.com/bdash/bn-obj...
#binaryninja #reverseengineering
github.com/bdash/bn-obj...
#binaryninja #reverseengineering
Swap is going to kill this SSD. Also check out their new DSC plugin. Works great.
#binaryninja #reverseengineering
#binaryninja #reverseengineering
December 20, 2024 at 6:40 PM
Swap is going to kill this SSD. Also check out their new DSC plugin. Works great.
#binaryninja #reverseengineering
#binaryninja #reverseengineering
Get the currently selected Variable in MLIL/HLIL with #BinaryNinja
See alt text for code you can copy!
See alt text for code you can copy!
November 18, 2024 at 9:41 PM
Get the currently selected Variable in MLIL/HLIL with #BinaryNinja
See alt text for code you can copy!
See alt text for code you can copy!
New heuristic in my #BinaryNinja plugin obfuscation_detection:
Duplicated Subgraphs uses iterative context hashing to spot repeated multi-block code. We merge each block’s signature with its successors over multiple rounds for efficiency.
Link: github.com/mrphrazer/ob...
Duplicated Subgraphs uses iterative context hashing to spot repeated multi-block code. We merge each block’s signature with its successors over multiple rounds for efficiency.
Link: github.com/mrphrazer/ob...
March 14, 2025 at 2:46 AM
New heuristic in my #BinaryNinja plugin obfuscation_detection:
Duplicated Subgraphs uses iterative context hashing to spot repeated multi-block code. We merge each block’s signature with its successors over multiple rounds for efficiency.
Link: github.com/mrphrazer/ob...
Duplicated Subgraphs uses iterative context hashing to spot repeated multi-block code. We merge each block’s signature with its successors over multiple rounds for efficiency.
Link: github.com/mrphrazer/ob...
At @reconmtl.bsky.social, @nicolo.dev and I discuss the current state of MBA (de)obfuscation and their applications. We’ll also introduce a new #BinaryNinja plugin for simplifying MBAs in the decompiler.
Details: cfp.recon.cx/recon-2025/f...
I'll also give a training: recon.cx/2025/trainin...
Details: cfp.recon.cx/recon-2025/f...
I'll also give a training: recon.cx/2025/trainin...
April 7, 2025 at 4:13 PM
At @reconmtl.bsky.social, @nicolo.dev and I discuss the current state of MBA (de)obfuscation and their applications. We’ll also introduce a new #BinaryNinja plugin for simplifying MBAs in the decompiler.
Details: cfp.recon.cx/recon-2025/f...
I'll also give a training: recon.cx/2025/trainin...
Details: cfp.recon.cx/recon-2025/f...
I'll also give a training: recon.cx/2025/trainin...
Need to test an API hashing function that’s not in #hashdb and don’t want to parse an actual PE file to get the exported function names (for reasons) - enumerate the functions names using #BinaryNinja Python API
gist.githubusercontent.com/xorhex/04c00...
gist.githubusercontent.com/xorhex/04c00...
https://gist.githubusercontent.com/xorhex/04c00a12d64e25a0b51578efa4497751/raw/108c6d4b7dfdcc1906e2fc98c2ac2680190a5c46/binaryninja_get_function_names_from_type_library.py
def get_lib_functions(dllname: str):
for lib in bv.platform.type_libraries:
if lib.name == dllname:
for f in lib.named_objects:
yield(f)
gist.githubusercontent.com
December 10, 2024 at 7:53 PM
Need to test an API hashing function that’s not in #hashdb and don’t want to parse an actual PE file to get the exported function names (for reasons) - enumerate the functions names using #BinaryNinja Python API
gist.githubusercontent.com/xorhex/04c00...
gist.githubusercontent.com/xorhex/04c00...
Binary diff'ing is hard. But it's super powerful to apply markup from previous reverse engineering efforts to a new binary.
Binary Ninja is switching up how they match function signatures with WARP.
www.seandeaton.com/binary-ninja...
#binaryninja #reverseengineering #ghidra #ida #decompiler
Binary Ninja is switching up how they match function signatures with WARP.
www.seandeaton.com/binary-ninja...
#binaryninja #reverseengineering #ghidra #ida #decompiler
Trying Out Binary Ninja's new WARP Signatures with IPSW Diff'ing
Binary diff'ing is pretty complex, but being able to apply markup from one binary to another is quite powerful. Binary Ninja's new WARP extends previous efforts, using SigKit, to quickly identify libr...
www.seandeaton.com
December 27, 2024 at 1:07 PM
Binary diff'ing is hard. But it's super powerful to apply markup from previous reverse engineering efforts to a new binary.
Binary Ninja is switching up how they match function signatures with WARP.
www.seandeaton.com/binary-ninja...
#binaryninja #reverseengineering #ghidra #ida #decompiler
Binary Ninja is switching up how they match function signatures with WARP.
www.seandeaton.com/binary-ninja...
#binaryninja #reverseengineering #ghidra #ida #decompiler
Adding this to the growing list of #binaryninja plugins I want to update to run on the latest version of BN.
github.com/jonpalmisc/b...
github.com/jonpalmisc/b...
GitHub - jonpalmisc/bn-notepad: A notepad for Binary Ninja
A notepad for Binary Ninja. Contribute to jonpalmisc/bn-notepad development by creating an account on GitHub.
github.com
February 27, 2025 at 10:29 PM
Adding this to the growing list of #binaryninja plugins I want to update to run on the latest version of BN.
github.com/jonpalmisc/b...
github.com/jonpalmisc/b...
I’m forcing myself to learn #BinaryNinja, and using an LLM to search through the user manual and learn the basics is a game changer. Questions about fonts, theming, basic shortcuts, and considerations coming from IDA all answered easily.
August 14, 2025 at 9:53 PM
I’m forcing myself to learn #BinaryNinja, and using an LLM to search through the user manual and learn the basics is a game changer. Questions about fonts, theming, basic shortcuts, and considerations coming from IDA all answered easily.
VOD is here〜
www.twitch.tv/videos/23260...
It has two sections on the left! One for BinaryNinja WARP and two for the Oh Deer game!
www.twitch.tv/videos/23260...
It has two sections on the left! One for BinaryNinja WARP and two for the Oh Deer game!
Twitch
Twitch is the world
www.twitch.tv
December 15, 2024 at 6:08 AM
VOD is here〜
www.twitch.tv/videos/23260...
It has two sections on the left! One for BinaryNinja WARP and two for the Oh Deer game!
www.twitch.tv/videos/23260...
It has two sections on the left! One for BinaryNinja WARP and two for the Oh Deer game!
`import binaryninja` from Ghidra 11.3? We finally have Python3 support in #Ghidra ! @binary.ninja
#ReverseEngineering #Ghidra #BinaryNinja #Finally
#ReverseEngineering #Ghidra #BinaryNinja #Finally
February 15, 2025 at 3:00 AM
`import binaryninja` from Ghidra 11.3? We finally have Python3 support in #Ghidra ! @binary.ninja
#ReverseEngineering #Ghidra #BinaryNinja #Finally
#ReverseEngineering #Ghidra #BinaryNinja #Finally
I’d like to say it’s because the Hyara plugin doesn’t work on #BinaryNinja anymore, but who am I kidding - I would hand craft them at times back when I was still using IDA. I should really have the computer do the thinking for me; rules might get written faster… 😅
December 12, 2024 at 11:30 PM
I’d like to say it’s because the Hyara plugin doesn’t work on #BinaryNinja anymore, but who am I kidding - I would hand craft them at times back when I was still using IDA. I should really have the computer do the thinking for me; rules might get written faster… 😅
Another good #BinaryNinja plugin - prints the hex representation for integers in the python console.
github.com/CouleeApps/h...
github.com/CouleeApps/h...
GitHub - CouleeApps/hex_integers: A simple python displayhook wrapper for printing ints in hex in binja
A simple python displayhook wrapper for printing ints in hex in binja - CouleeApps/hex_integers
github.com
February 19, 2025 at 1:35 AM
Another good #BinaryNinja plugin - prints the hex representation for integers in the python console.
github.com/CouleeApps/h...
github.com/CouleeApps/h...