itsMe Posted November 30, 2023 Share Posted November 30, 2023 This is the hidden content, please Sign In or Sign Up Automatically detect obfuscated code and other interesting code constructs Description: Obfuscation Detection is a Binary Ninja plugin to detect obfuscated code and interesting code constructs (e.g., state machines) in binaries. Given a binary, the plugin eases analysis by identifying code locations which might be worth a closer look during reverse engineering. Based on various heuristics, the plugin pinpoints functions that contain complex or uncommon code constructs. Such code constructs may implement obfuscated code state machines and protocols C&C server communication string decryption routines cryptographic algorithms v2.0 Major version update. Additional to code detection heuristics, this release introduces so-called Util functions, helpers which provide additional information to guide reverse engineering or pinpoint functions using a much narrower scope than heuristics. The first three Util functions are entry function detection: lists all functions which are not called from other functions leaf function detection: lists all function which do not call other functions entropy analysis: computes the entropy for each section and allows to identify packed/encrypted code This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts