Skip to content

Accenture/BinaryNinja_Helpers

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
sidekick
sidekick
 
 
snippets
snippets
 
 
README.md
README.md
 
 

Repository files navigation

Binary Ninja Helpers

This is a collection of scripts that can be used with snippets and sidekick plugins to enhance the experience when doing reverse engineering.

Contents

Sidekick Files

  • Add To Index - This is a simple script that will create a named index from the current function. Great when you want to trace relationship between multiple functions through Code Insight Map.
  • AUTOSAR Helper - Script that aims to assist when reverse engineering any AUTOSAR Classic based binary files by identifying the error handling and renaming functions based on the Module and Service numbers.
  • Const Finder - Indexer that can be used to find constants in the HLIL representation that match specified criteria.
  • Find Base - Script that attempts to find the base of the MCU firmware.
  • Function Finder - Is useful when you suspect that a lot of actual code was not detected by the analysis. This will try to find cross-references to the current function in the binary that are not associated with a function. Rare, but sometimes useful.
  • Indirect Calls - Identifies indirect calls only in current function.
  • Kernel Symbols Import - Imports symbols from the kallsyms file.
  • Make Function Pointers - Finds all hardcoded XREFs in the selected segment that may lead to functions.
  • PDF to Memmap - Parser for PDF files to extract memory map from datasheet/reference manuals.
  • Security Scanner - Script that will create Index with all potentially locations that may be subjects to interesting memory corruption issues. Use this in large binaries to filter out uninteresting points such as XREFs to strcpy that have static source operand.

Snippets Files

  • ARM Fix - In some weird files, the Thumb and ARM instruction sets can get mixed up. This should fix things but make sure to set the entry point of the ELF file correctly and select correct platform. This is just workaround until it gets fixed in core.
  • Inline Function - Inlines the current function. Very useful to have for any TriCore binaries.
  • Lift TriCore - Attempt to assign parameters to correct registers based on their type.
  • Remove .L Names - Some TriCore binaries come with symbols that make each line as a new function. This is not desirable, and this snippet removes these functions for good.

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

2 stars

Watchers

6 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages