https://github.com/PositiveTechnologies/ghidra_nodejs
GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries
#ghidra #decompiler #nodejs #reverse #DrMefistO
GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries
#ghidra #decompiler #nodejs #reverse #DrMefistO
GitHub
GitHub - PositiveTechnologies/ghidra_nodejs: GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries
GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries - PositiveTechnologies/ghidra_nodejs
How we bypassed bytenode and decompiled Node.js bytecode in Ghidra
https://swarm.ptsecurity.com/how-we-bypassed-bytenode-and-decompiled-node-js-bytecode-in-ghidra/
#reverse #ghidra #nodejs #decompiler #plugin #darw1n
https://swarm.ptsecurity.com/how-we-bypassed-bytenode-and-decompiled-node-js-bytecode-in-ghidra/
#reverse #ghidra #nodejs #decompiler #plugin #darw1n
PT SWARM
How we bypassed bytenode and decompiled Node.js bytecode in Ghidra
I build robots for fun. Rick Sanchez It’s common knowledge that in 2019 the NSA decided to open source its reverse engineering framework known as Ghidra. Due to its versatility, it quickly became popular among security researchers. This article is one of…
Decompiling Node.js in Ghidra
https://swarm.ptsecurity.com/decompiling-node-js-in-ghidra/
#reverse #ghidra #nodejs #decompiler #plugin #heckysome
https://swarm.ptsecurity.com/decompiling-node-js-in-ghidra/
#reverse #ghidra #nodejs #decompiler #plugin #heckysome
PT SWARM
Decompiling Node.js in Ghidra
Have you ever wanted to find out how a program you often use, a game you play a lot, or the firmware of some realtime device actually works? If so, what you need is a disassembler. Better still, a decompiler. While things are pretty clear with x86–x64, Java…
Creating a Ghidra processor module in SLEIGH using V8 bytecode as an example
https://swarm.ptsecurity.com/creating-a-ghidra-processor-module-in-sleigh-using-v8-bytecode-as-an-example/
#reverse #ghidra #decompiler #nodejs #v8 #plugin #darw1n
https://swarm.ptsecurity.com/creating-a-ghidra-processor-module-in-sleigh-using-v8-bytecode-as-an-example/
#reverse #ghidra #decompiler #nodejs #v8 #plugin #darw1n
PT SWARM
Creating a Ghidra processor module in SLEIGH using V8 bytecode as an example
Last year our team had to analyze V8 bytecode. Back then, there were no tools in place to decompile such code and facilitate convenient navigation over it. We decided to try writing a processor module for the Ghidra framework. Thanks to the features of the…
Guide to P-code Injection: Changing the intermediate representation of code on the fly in Ghidra
https://swarm.ptsecurity.com/guide-to-p-code-injection/
#reverse #ghidra #decompiler #pcode #nodejs #v8 #plugin #darw1n
https://swarm.ptsecurity.com/guide-to-p-code-injection/
#reverse #ghidra #decompiler #pcode #nodejs #v8 #plugin #darw1n
PT SWARM
Guide to P-code Injection: Changing the intermediate representation of code on the fly in Ghidra
When we were developing the ghidra nodejs module for Ghidra, we realized that it was not always possible to correctly implement V8 (JavaScript engine that is used by Node.js) opcodes in SLEIGH. In such runtime environments as V8 and JVM, a single opcode might…