How Ghidra changed my life

Presented at Kernelcon 2020 Virtual, March 27, 2020, 1:30 p.m. (60 minutes).

Anyone that knows me also knows that I'm a huge IDA Pro fanboy. Ghidra, the NSA's answer to IDA, has been in the public's hands for about a year now, so where does that leave me? Still solidly in the IDA camp, but that doesn't mean that Ghidra hasn't had an impact on my life. Thanks to the magic of open source we can take one of Ghidra's nicest features and bolt it onto IDA to fill some gaps in IDA coverage. In this talk, I'll introduce the 'Binary Lifting Component' (it's kinder name), or just blc for short, plugin for IDA. blc takes the core of Ghidra's decompiler capability and builds an IDA plugin around it to add decompilation capability to IDA for all processors supported by Ghidra.

Presenters:

• Chris Eagle
  Chris Eagle is a security researcher whose interests include computer network operations, computer forensics and reverse/anti-reverse engineering. He was the chief architect of the competition infrastructure for DARPA's Cyber Grand Challenge. He has been a speaker at conferences such as Kernelcon, Blackhat, and Defcon and is the author of 'The IDA Pro Book'. In his spare time he is an inveterate CTF player and has twice won the prestigious capture the flag competition at Defcon.

Links:

• https://www.youtube.com/watch?v=KL1jE9dxas0
• https://2020.kernelcon.org/cfp/K2020_ceagle.pdf

Similar Presentations:

• Kernelcon 2019 / What's a Ghidra, and why should you care?
• SAINTCON 2019 / Reverse Engineering and Code Emulation with Ghidra
• Texas Cyber Summit 2019 / RE-1012 Ghidra for the begineer reverse enginering