Feb. 7, 2024, 2:25 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

By Ian Smith


Trail of Bits is releasing BTIGhidra, a Ghidra extension that helps reverse engineers by inferring type information from binaries. The analysis is inter-procedural, propagating and resolving type constraints between functions while consuming user input to recover additional type information. This refined type information produces more idiomatic decompilation, enhancing reverse engineering comprehension. The figures below demonstrate how BTIGhidra improves decompilation readability without any user interaction:


Figure 1: Default Ghidra decompiler output


Figure 2: Ghidra output after running …
