{"id":18894183,"url":"https://github.com/trailofbits/btighidra","last_synced_at":"2025-07-05T20:39:58.550Z","repository":{"id":221215609,"uuid":"446896170","full_name":"trailofbits/BTIGhidra","owner":"trailofbits","description":"Binary Type Inference Ghidra Plugin","archived":false,"fork":false,"pushed_at":"2024-02-09T18:21:39.000Z","size":22975,"stargazers_count":146,"open_issues_count":10,"forks_count":12,"subscribers_count":6,"default_branch":"main","last_synced_at":"2024-12-11T13:40:55.720Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/trailofbits.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"Contributing.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2022-01-11T16:22:44.000Z","updated_at":"2024-12-05T19:08:53.000Z","dependencies_parsed_at":"2024-02-06T20:00:48.089Z","dependency_job_id":null,"html_url":"https://github.com/trailofbits/BTIGhidra","commit_stats":null,"previous_names":["trailofbits/btighidra"],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2FBTIGhidra","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2FBTIGhidra/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2FBTIGhidra/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2FBTIGhidra/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trailofbits","download_url":"https://codeload.github.com/trailofbits/BTIGhidra/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":230554330,"owners_count":18244234,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-08T08:19:41.584Z","updated_at":"2024-12-20T08:09:04.717Z","avatar_url":"https://github.com/trailofbits.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Binary Type Inference Ghidra Plugin\nThis plugin recovers and applies inferred type information to a Ghidra database. The plugin uses a type inference algorithm inspired by [\"Polymorphic Type Inference for Machine Code\"](https://arxiv.org/abs/1603.05495), to derive types that are conservative in the presence of subtyping and polymorphism. The Ghidra plugin itself is a frontend for a static analysis and type inference located in the [binary_type_inference](https://github.com/trailofbits/binary_type_inference) repository. Jump to the [DEMO.md](DEMO.md) to see an example workflow, or follow the install directions to get started.\n\n## Installing \nDownload the latest release from the [releases page](https://github.com/trailofbits/BTIGhidra/releases). The plugin can be installed by opening Ghidra and selecting \"Install Extensions...\" in the project window. Select the downloaded zip, and ensure the checkbox next to BTIGhidra is checked. After restarting Ghidra, the plugin will be installed and the analysis will be available. [DEMO.md](DEMO.md) provides usage instructions.\n\n## Building from Source\n\nPlease be sure to grab the submodules:\n\n```sh\ngit submodule update --init --recursive\n```\n\n## Build Requirements\n\nThe following must be installed:\n\n* Java 11+\n* gradle 7+\n* Rust toolchain with Cargo build system\n\nThere is a [Dockerfile](./Dockerfile) that provides an environment that is able to build and run the tests. Run the following from the root directory of this repo\n\n```sh\n$ docker build -t bti .\n# Drop into the built container with this repo mapped in\n# You can run the rest of the commands in the README within the Docker container\n$ docker run --rm -t -i -v \"$(pwd):/home/tob/workspace\" -w /home/tob/workspace bti /bin/bash\n```\n\n## Building\n\nMake sure you have an environment variable set to the Ghidra installation directory (this is already set up in the Docker image/container):\n\n```sh\nexport GHIDRA_INSTALL_DIR=\u003cpath_to\u003e/ghidra_11.0.1_PUBLIC\n```\n\nUsing the [just](https://github.com/casey/just) tool (or view the [`justfile`](./justfile) for common workflow commands):\n\n```sh\njust build\n```\n\nAfter building, you can find the zipped plugin in `plugin/dist` directory\n\n## Installing\n\nIf you are not using the Docker container, this command will build the zip and install it into the Ghidra directory specified by `GHIDRA_INSTALL_DIR`\n\n```sh\njust install\n```\n\nIf you built using Docker, then you can only use the resulting built plugin on a Linux distribution newer than Ubuntu 20.04.\n\nTo install the plugin built by the Docker container, open Ghidra 11.0.1 on your host machine:\n\n1. Navigate and click on `File -\u003e Install Extensions...`\n2. Click on the `+` icon in the upper right corner of the window\n3. Navigate to the path of this repo under `plugin/dist` and select the latest built `ghidra_11.0.1_PUBLIC_\u003cdate\u003e_BTIGhidra.zip` file and hit `OK` to finish the selection\n4. Hit `OK` again if you do not see the message to \"restart Ghidra\"\n5. Restart Ghidra\n\nThe plugin is now installed!\n\n## Usage\n\n[DEMO.md](DEMO.md) walks through how to use the installed plugin to infer types on the mooosl ctf challenge.\n\n## Testing\n\n```sh\njust test\n```\n\n## Usage Notes:\n\nBTIGhidra currently relies on Ghidra's notions of parameters to bind physical locations to function parameters. If the decompiler has function signatures that are correct, you can run the Decompiler Parameter ID analysis to apply the decompile signatures to the ghidra database.\n\n## Acknowledgments\n\nThe underlying type inference algorithm used in this work was primarily inspired by and derives significant direction from the following paper:\n```\nM. Noonan, A. Loginov, and D. Cok, \"Polymorphic Type Inference for Machine Code,\" arXiv:1603.05495 [cs], Mar. 2016, Accessed: Nov. 08, 2021. [Online]. Available: http://arxiv.org/abs/1603.05495\n```\n\nThe methods described in the paper are patented under process patent [US10423397B2](https://patentcenter.uspto.gov/applications/15393463) held by GrammaTech, Inc. This work was developed with permission from GrammaTech pursuant to the GPLv3 terms of their own implementation: https://github.com/GrammaTech/retypd.\n\nAny opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of GrammaTech, Inc.\n\nWe would also like to thank the team at FKIE-CAD behind [CWE Checker](https://github.com/fkie-cad/cwe_checker). Their static analysis platform over Ghidra PCode provided an excellent base set of capabilities in our analysis.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrailofbits%2Fbtighidra","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftrailofbits%2Fbtighidra","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrailofbits%2Fbtighidra/lists"}