CySHell/Binja4J

Binja4J

This project aims to leverage both the static analysis capabilities of the Binary Ninja platform and the Graph DB capabilities of Neo4j. The combination of these powerful tools will hopefully allow for sophisticated and efficient program analysis algorithms to be developed.

Before the graph is populated, it is possible to use a tool that parses any C header file, stores the definitions within the graph, and then defines all recognized functions within the BinaryView. A screenshot of this capability after parsing all Windows headers (windows.h) is included in the repository.

Please note that only MEDIUM LEVEL IL (MLIL) exporting is supported, not raw assembly.

REQUIREMENTS:

  • Neo4j database

    • Install Neo4j Desktop: https://neo4j.com/docs/operations-manual/current/installation/neo4j-desktop/index.html
    • Create a local database:
      1. DB connection details can be edited in Configuration.py
      2. Default credentials for Binja4J are "neo4j" \ "user"; the default local connection URI is "bolt://localhost:7687"
      3. Install the neo4j Python module: "pip install neo4j"
      4. Create a new DB and install the APOC plugin (see the screenshot in the repository)
      5. Start the DB via the Neo4j Desktop application
      6. Locate the import directory of the specific Neo4j DB you've started
         • Update the "path" variable in Configuration.py
  • xxhash: "pip install xxhash"

USAGE

  • Place this repository in your BinaryNinja plugins directory

  • Start the Neo4j DB via the Neo4j Desktop application

  • Run the Binja4J plugin on any executable

  • Manually run the ExportNeo4j.py python script

  • Enjoy your brand new graph DB

Enriching the Graph

  • Each node and relationship in the graph has a corresponding class in the /extraction_helpers folder
  • Each of the classes has a dictionary composed inside the self.serialize() function
  • Simply add any information you want to enrich the graph with into the "node_attributes" and "relationship_attributes" sub-dictionaries
  • This information will automatically be propagated into the graph
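To make the enrichment mechanism concrete, here is an added example (not Binja4J's own code; class, key and file names are assumptions) of a node class in the style described above, whose serialize() returns "node_attributes" and "relationship_attributes" sub-dictionaries, together with an exporter that flattens any number of such dictionaries into node and relationship CSV text in the :ID/:LABEL and :START_ID/:END_ID/:TYPE header convention understood by neo4j-admin import and apoc.import.csv. The column set is the union of whatever keys the serialize() dictionaries contain, so a field added to a sub-dictionary reaches the graph without any change to the exporter; labels, relationship types and property keys are checked to be plain identifiers because they are written unquoted, while property values (symbol names can contain commas and quotes) are always quoted by the csv module. hashlib stands in for the xxhash module the README requires.

```python
import csv
import hashlib
import io
import re
from typing import Any, Dict, Iterable, List, Optional, Tuple

# Labels, relationship types and property keys land unquoted in the importer's
# header/:LABEL/:TYPE columns, so restrict them to plain identifiers. Property
# *values* go through the csv module, which quotes commas, quotes and newlines.
IDENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def stable_id(*parts: str) -> str:
    """Deterministic id so re-exporting the same binary yields the same node ids.
    hashlib stands in here for the xxhash module the README lists as a requirement."""
    return hashlib.sha256("|".join(parts).encode("utf-8")).hexdigest()[:16]


class FunctionNode:
    """Hypothetical node class in the style of the /extraction_helpers classes
    (assumed names; not Binja4J's own code)."""

    def __init__(self, binary_hash: str, name: str, start: int,
                 mlil_instr_count: int, extra: Optional[Dict[str, Any]] = None):
        self.binary_hash = binary_hash
        self.name = name
        self.start = start
        self.mlil_instr_count = mlil_instr_count
        self.extra = extra or {}          # enrichment fields go here
        self.uuid = stable_id(binary_hash, name, hex(start))

    def serialize(self) -> Dict[str, Any]:
        # Everything placed in the two sub-dictionaries becomes a graph property.
        node_attributes = {
            "name": self.name,
            "start": hex(self.start),
            "mlil_instr_count": self.mlil_instr_count,
        }
        node_attributes.update(self.extra)
        return {
            "label": "Function",
            "uuid": self.uuid,
            "node_attributes": node_attributes,
            "relationship_attributes": {
                "type": "MemberOf",            # edge from this function to its binary
                "end_uuid": self.binary_hash,
                "exported_by": "example exporter",  # constructed relationship property
            },
        }


def export_csv(serialized: Iterable[Dict[str, Any]]) -> Tuple[str, str]:
    """Flatten serialize() dictionaries into (nodes_csv, relationships_csv) text
    suitable for the Neo4j import directory; columns are the union of all keys."""
    items = list(serialized)
    node_keys: List[str] = []
    rel_keys: List[str] = []
    for s in items:
        if not IDENT.match(s["label"]):
            raise ValueError(f"unsafe label: {s['label']!r}")
        rel = s["relationship_attributes"]
        if not IDENT.match(rel["type"]):
            raise ValueError(f"unsafe relationship type: {rel['type']!r}")
        for k in s["node_attributes"]:
            if not IDENT.match(k):
                raise ValueError(f"unsafe property key: {k!r}")
            if k not in node_keys:
                node_keys.append(k)
        for k in rel:
            if k in ("type", "end_uuid"):
                continue
            if not IDENT.match(k):
                raise ValueError(f"unsafe property key: {k!r}")
            if k not in rel_keys:
                rel_keys.append(k)

    nodes = io.StringIO()
    w = csv.writer(nodes)
    w.writerow([":ID", ":LABEL"] + node_keys)
    for s in items:
        a = s["node_attributes"]
        w.writerow([s["uuid"], s["label"]] + [a.get(k, "") for k in node_keys])

    rels = io.StringIO()
    w = csv.writer(rels)
    w.writerow([":START_ID", ":END_ID", ":TYPE"] + rel_keys)
    for s in items:
        r = s["relationship_attributes"]
        w.writerow([s["uuid"], r["end_uuid"], r["type"]] + [r.get(k, "") for k in rel_keys])
    return nodes.getvalue(), rels.getvalue()


def parse_csv(text: str) -> List[List[str]]:
    """Round-trip helper used to check that quoting survived the export."""
    return list(csv.reader(io.StringIO(text)))


if __name__ == "__main__":
    # Constructed sample: two functions from one fake binary hash; the second
    # name deliberately contains a quote and a comma.
    fns = [
        FunctionNode("bin0001", "memset", 0x401000, 12, {"calling_convention": "cdecl"}),
        FunctionNode("bin0001", 'weird"name,1', 0x402000, 3),
    ]
    nodes_csv, rels_csv = export_csv(f.serialize() for f in fns)
    print(nodes_csv)
    print(rels_csv)
```

The exporter keeps "calling_convention" as a column only because one serialize() dictionary carried it; nodes without the key get an empty cell, which is how a new enrichment field propagates without touching the export code.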

Graph Representation

  • The basic graph representation in the graph DB uses the ontology shown in the ontology diagram included in the repository.

Demo:

(demo screenshot in the repository)

The following demo follows the def/use chain of an argument to a 'memset' function:

(screenshot of the def/use chain in the repository)
