Ryan Stortz has a new post on the Trail of Bits Blog on the tool Binary Ninja:

Using Vector35’s Binary Ninja, a promising new interactive static analysis and reverse engineering platform, I wrote a script that generated “exploits” for 2,000 unique binaries in this year’s DEFCON CTF qualifying round. If you’re wondering how to remain competitive in a post-DARPA DEFCON CTF, I highly recommend you take a look at Binary Ninja. Before I share how I slashed through the three challenges - 334 cuts, 666 cuts, and 1,000 cuts - I have to acknowledge the tool that made my work possible. Compared to my experience with IDA, which is held together with duct tape and prayers, Binary Ninja’s workflow is a pleasure. It does analysis on its own intermediate language (IL), which is exposed through Python and C++ APIs. It’s comparatively simple to query blocks of code, functions, trace execution flow, query register states, and many other tasks that seem herculean within IDA.

Binary Ninja is a commercial product, not open source, US$100-400, with an Enterprise level coming soon:

Binary Ninja currently comes in two different flavors.
How to instantly exploit 2000 binaries with Binary Ninja /z64erJvfo5