This repository was archived by the owner on Feb 5, 2025. It is now read-only.
I'd like to be able to quickly identify "interesting" functions in a memory dump (e.g. hab_authenticate_image()).
A lot can be achieved just through identification of unique strings in upstream code and identifying references to them.
At this time, I'm still debating whether this should actually be baked into the Depthcharge Python module. I am leaning towards "No" as it would require that I pull in something like Capstone bindings as a dependency, and then proceed to re-invent the wheel.
Instead, I think I'd prefer to invest this effort into IDA and Ghidra scripts, and potentially something using Ghidra's Headless Analyzer. Given that this project is intended to be a "toolkit" -- I think that this could be a perfectly reasonable approach.
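The string-reference idea described in this issue, sketched as an added example (not code from the issue or from Depthcharge). It assumes a 32-bit little-endian image with a known load address and string pointers stored as aligned literal-pool words; the marker strings, the base address and the `absent_function` label are constructed for illustration and are not taken from U-Boot.

```python
import struct

def find_offsets(blob: bytes, needle: bytes) -> list:
    """Return every offset at which needle occurs in blob."""
    offsets, pos = [], blob.find(needle)
    while pos != -1:
        offsets.append(pos)
        pos = blob.find(needle, pos + 1)
    return offsets

def find_string_xrefs(dump: bytes, base: int, markers: dict) -> dict:
    """Map each label to addresses of aligned words that point at its marker string."""
    xrefs = {}
    for label, text in markers.items():
        hits = find_offsets(dump, text)
        if len(hits) != 1:
            # A marker that is absent or occurs more than once is not a usable anchor.
            xrefs[label] = []
            continue
        pointer = struct.pack("<I", base + hits[0])
        # Keep only 4-byte aligned matches, as a literal-pool entry would be.
        xrefs[label] = [base + off for off in find_offsets(dump, pointer) if off % 4 == 0]
    return xrefs

BASE = 0x87800000  # assumed load address of the dump (constructed value)
MARKERS = {
    # Constructed marker strings standing in for unique strings from upstream code.
    "hab_authenticate_image": b"CONSTRUCTED: authenticate image marker\x00",
    "absent_function": b"CONSTRUCTED: string not in this dump\x00",
}

def build_sample_dump() -> bytes:
    """Build a small constructed dump: one marker string and two pointers to it."""
    dump = bytearray(0x200)
    marker = MARKERS["hab_authenticate_image"]
    dump[0x100:0x100 + len(marker)] = marker
    struct.pack_into("<I", dump, 0x40, BASE + 0x100)  # aligned literal-pool word
    struct.pack_into("<I", dump, 0x61, BASE + 0x100)  # unaligned coincidence, ignored
    return bytes(dump)

if __name__ == "__main__":
    for label, addrs in find_string_xrefs(build_sample_dump(), BASE, MARKERS).items():
        print(label, [hex(a) for a in addrs])
```

Each address returned is the pointer word that references the string, not the function entry; walking back to the function start still needs a disassembler such as the IDA or Ghidra scripting mentioned above.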