{"id":13803359,"url":"https://github.com/0xb0bb/pwndra","last_synced_at":"2025-05-13T15:33:16.408Z","repository":{"id":43050116,"uuid":"233063183","full_name":"0xb0bb/pwndra","owner":"0xb0bb","description":"A collection of pwn/CTF related utilities for Ghidra","archived":false,"fork":false,"pushed_at":"2024-09-10T08:40:52.000Z","size":229,"stargazers_count":655,"open_issues_count":3,"forks_count":42,"subscribers_count":23,"default_branch":"master","last_synced_at":"2024-09-10T10:58:28.384Z","etag":null,"topics":["ctf","ctf-tools","exploitation","ghidra","ghidra-scripts","pwn","reverse-engineering"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0xb0bb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-01-10T14:23:39.000Z","updated_at":"2024-09-10T08:41:05.000Z","dependencies_parsed_at":"2024-08-04T01:12:24.594Z","dependency_job_id":null,"html_url":"https://github.com/0xb0bb/pwndra","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xb0bb%2Fpwndra","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xb0bb%2Fpwndra/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xb0bb%2Fpwndra/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xb0bb%2Fpwndra/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0xb0bb","download_url":"https://codeload.github.com/0xb0bb/pwndra/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225239748,"owners_count":17442822,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ctf","ctf-tools","exploitation","ghidra","ghidra-scripts","pwn","reverse-engineering"],"created_at":"2024-08-04T01:00:30.141Z","updated_at":"2024-11-18T19:31:33.356Z","avatar_url":"https://github.com/0xb0bb.png","language":"Python","funding_links":[],"categories":["Ghidra Scripts/Plugins/Extension"],"sub_categories":[],"readme":"# pwndra\n\nA collection of pwn/CTF related utilities for Ghidra\n\n## Utilities\n\n* [Replace Constants](#replace-constants)\n* [Annotate Syscalls](#annotate-syscalls)\n* [Character Conversion](#character-conversion)\n* [Goto Main](#goto-main)\n\n### Replace Constants\n\nThis utility will attempt to replace known constants in functions with their\nhuman readable counterpart.\n\n![pwndra constants](https://github.com/0xb0bb/pwndra/blob/master/docs/images/pwndra_constants.png?raw=true)\n\n### Annotate Syscalls\n\nThis utility will attempt to find and identify system calls (and arguments).\n\n*Annotation in the decompiler view*\n![pwndra syscalls](https://github.com/0xb0bb/pwndra/blob/master/docs/images/pwndra_syscalls.png?raw=true)\n\n*Arguments are annotated in the disassembler view*\n![pwndra syscalls](https://github.com/0xb0bb/pwndra/blob/master/docs/images/pwndra_syscalls_disas.png?raw=true)\n\n### Character Conversion\n\nThe correct workflow to convert displayed data in an operand is to right click\nthe value and select the conversion type under the `Convert` submenu, however,\non request I have made a script to convert the display type of operands to\n`char` so it can be used with a keyboard shortcut for convenience (IDA style).\n\nTo use it select the `In Tool` option of the `UtilitiesConvertCharacter.py` script and\nthen select a numeric operand and hit `shift+r` to convert to a string. You\ncan change the shortcut by editing the line that contains the comment with\n`keybinding` in it at the top of the script.\n\n### Goto Main\n\nOne annoying difference between Ghidra and IDA is that Ghidra makes no\nattempt to jump to `main()` (or the entry point) when you load a binary.\nThe `UtilitiesGotoMain.py` script aims to correct that. Run it directly\nor if integrated with `In Tool` then hit `ctrl`+`m` and it will attempt\nto dynamically find `main()` and move focus to that function.\n\nIf there is no `main()` function detected, it will jump to the entry\nfunction. If you run on a stripped binary then it will rename the `main`\nfunction for you.\n\n---\n\n## Installation\n\nClone the repository or download and extract somewhere. In Ghidra, open\nthe `Script Manager` (`Window` -\u003e `Script Manager`) click the `Script \nDirectory` button and add `pwndra/scripts` to the list.\n\nOnce the script directory is added to Ghidra you can find the scripts in\nthe `Pwn` category. You can run the scripts directly from the `Script \nManager` if you like but the scripts also have menus and keyboard shortcuts\nfor ease of use. In order to activate the menus and shortcuts you must\nclick the `In Tool` checkbox next to the scripts you wish to integrate\ninto the tool.\n\nIf you clicked `In Tool` the menus will be under `Analysis` -\u003e `Pwn` and\nany shortcuts for scripts are listed in the menu item that uses that\nshortcut.\n\n## Usage\n\nThere are several frontends available:\n\n* aarch64\n* amd64\n* arm (oabi/eabi)\n* hppa\n* i386\n* m68k\n* mips (n32/o32/n64)\n* powerpc\n* powerpc64\n* sh\n* sh4\n* sparc\n* sparc64\n* thumb\n\nYou can either run one of those frontend scripts directly (through the\n`Script Manager` or if you clicked `In Tool` you can access a menu;\n`Analysis` -\u003e `Pwn` -\u003e `Tool Name`).\n\nThere is an `Auto` frontend that will automatically detect the current loaded\nprogram for you. This can also be accessed with the keyboard shortcut which\nis specified in the menu item for the tool.\n\nThe scripts have two modes of operation, the default is to operate globally,\nthe second is to only operate on a given selection. This is useful for those\ntimes where you have two binary modes interlaced in the same code such as\n`i386`/`amd64` or `thumb`/`arm`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xb0bb%2Fpwndra","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0xb0bb%2Fpwndra","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xb0bb%2Fpwndra/lists"}