Tool

Set of tools aiding in analysis of stripped Golang binaries with Binary Ninja

Feb 05, 2022 1 min read

Binjago ?

Set of tools aiding in analysis of stripped Golang binaries with Binary Ninja.

Current status: Work in Progress ⚠️

Features

Function renamer based on .gopclntab section
- Brute searching section by its magic header(s) if not present in sections.

Tests

Binjago was tested on the following samples.

Sample `SHA256`	Function renamer
EKANS `dc403cfef757e9bcb3eaa3cc89f8174fc8de5eef64a0e0ee5e5698991f0437f9`	✅
DECAF `5da2a2ebe9959e6ac21683a8950055309eb34544962c02ed564e0deaf83c9477`	✅
Deadbolt `444e537f86cbeeea5a4fcf94c485cc9d286de0ccd91718362cecf415bf362bcf`	✅
Hive `90bf2554202af77fef1c4dd6fbeec01373ffb3076b74ab2db29a149feaf63fd2`	✅

GitHub

View Github

John was the first writer to have joined pythonawesome.com. He has since then inculcated very effective writing and reviewing culture at pythonawesome which rivals have found impossible to imitate.