https://github.com/0xk1h0/replica3

Ghidra Analysis Enhancer 🐉 Python3 version.

Science Score: 26.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (13.2%) to scientific vocabulary

Keywords

analysis automation binary binary-analysis decompilation decompiler disassembler disassembly enhancement ghidra ghidra-auto-analysis ghidra-scripts label-references malware-analysis rename-functions replica reverse-engineering security-audit security-tools
Last synced: 5 months ago

Repository

Basic Info
  • Host: GitHub
  • Owner: 0xk1h0
  • License: mit
  • Language: Python
  • Default Branch: main
  • Homepage:
  • Size: 2.17 MB
Statistics
  • Stars: 11
  • Watchers: 2
  • Forks: 2
  • Open Issues: 0
  • Releases: 0
Created over 2 years ago · Last pushed over 2 years ago

README.md

REPLICA3

TAME THE PYHIDRA

NOTIFICATION:

I converted the REPLICA script (https://github.com/reb311ion/replica) to work in the "Pyhidra" (Python3) environment. Thanks reb311ion!

Features:

  • ⚡ Disassemble missed instructions - Define code that Ghidra's auto analysis missed
  • ⚡ Detect and fix missed functions - Define functions that Ghidra's auto analysis missed
  • ⚡ Fix 'undefinedN' datatypes - Enhance disassembly and decompilation by fixing 'undefinedN' DataTypes
  • ⚡ Set MSDN API info as comments - Integrate information about functions, arguments and return values into Ghidra's disassembly listing in the form of comments
  • ⚡ Tag functions based on API calls - Rename functions that call one or more APIs with the API name and API type family if available
  • ⚡ Detect and mark wrapper functions - Rename wrapper functions with the wrapping level and wrapped function name
  • ⚡ Fix undefined data and strings - Define ASCII strings that Ghidra's auto analysis missed and convert undefined bytes in the data segment into DWORDs/QWORDs
  • ⚡ Detect and label crypto constants - Search for and label constants in the code known to be associated with cryptographic algorithms
  • ⚡ Detect and comment stack strings - Find and post-comment stack strings
  • ⚡ Rename functions based on string references - Rename functions that reference one or more strings with the function name followed by the string name
  • ⚡ Bookmark string hints - Bookmark interesting strings (file extensions, browser agents, registry keys, etc.)

Dependencies:

Installation:

  1. Download and install Ghidra to a desired location.

  2. Set the GHIDRA_INSTALL_DIR environment variable to point to the directory where Ghidra is installed.

  3. Install pyhidra.

```console
pip install pyhidra
```

Enabling the Ghidra User Interface Plugin

  1. Run pyhidraw from a terminal of your choice.
  2. Open the Code Browser Tool.
  3. From the File toolbar menu, select Configure....
  4. From the menu in the image below select configure under Experimental.
  5. Copy the repository files into any of the ghidra_scripts directories and extract db.7z. The directories are listed under Window->Script Manager->Script Directories.

Owner

  • Name: LEE KIHO
  • Login: 0xk1h0
  • Kind: user
  • Location: Seoul
  • Company: SKKU

GitHub Events

Total
  • Watch event: 4
  • Fork event: 1
Last Year
  • Watch event: 4
  • Fork event: 1

Issues and Pull Requests

Last synced: about 1 year ago

All Time
  • Total issues: 0
  • Total pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Total issue authors: 0
  • Total pull request authors: 0
  • Average comments per issue: 0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 0
  • Pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Issue authors: 0
  • Pull request authors: 0
  • Average comments per issue: 0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0