Chapter 9: Scripting Binary Audits

Auditing binaries is time-consuming, so it is worth automating as much of the process as possible. When auditing a software project, the hunt for some kinds of vulnerabilities, such as logic or architectural issues, cannot be automated. Others, such as memory corruption vulnerabilities, are generic enough that the search can be automated using, for instance, a Ghidra script developed for this purpose.

In this chapter, you will learn how to automate the task of looking for vulnerabilities in executable binaries using Ghidra. You will analyze how a Ghidra script developed by Zero Day Initiative works by looking for vulnerable calls to sscanf (a C library that ...
