For too long, security researchers’ choice of reverse-engineering platforms has been limited. They could either attempt to scale radare2’s sharp learning curve, or settle for IDA. It’s easier to start using IDA, but many advanced features are just as hard as radare2’s to understand and use.
Fortunately, with Binary Ninja, researchers now have a real -and easy- choice of reversing platforms. They have many reasons to choose Binary Ninja, including its rich feature set, solid API, and accessible Low Level Intermediate Language (LLIL).
We want to promote broader adoption of Binary Ninja, so we’re developing learning materials to help prospective users jump in now.
We showed how we used the LLIL and its data flow analysis to solve 2,000 CTF challenge binaries for DEFCON’s 2016 CTF qualifying round.
We presented example IL analysis plugins for automated discovery of a simple memory corruption vulnerabilities.
In a two-post series, we described the fundamentals of Binary Ninja’s LLIL, and how the Python API can be used to interact with it. Then, we demonstrated how to easily develop platform agnostic tools harnessing the power of the LLIL and its dataflow analysis.
Binary Ninja is one of those tools that allows us to enhance our capabilities and combine mechanical efficiency with human intuition. We highly recommend you start using it today.