Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/AllsafeCyberSecurity/ghidra-jython-kernel

Jupyter Kernel for Ghidra's Jython
https://github.com/AllsafeCyberSecurity/ghidra-jython-kernel

ghidra ghidra-scripts jupyter jupyter-notebook jython reverse-engineering

Last synced: 3 months ago
JSON representation

Jupyter Kernel for Ghidra's Jython

Host: GitHub
URL: https://github.com/AllsafeCyberSecurity/ghidra-jython-kernel
Owner: AllsafeCyberSecurity
License: mit
Created: 2019-12-28T08:46:20.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2022-04-13T22:58:08.000Z (about 2 years ago)
Last Synced: 2024-01-26T11:36:46.248Z (6 months ago)
Topics: ghidra, ghidra-scripts, jupyter, jupyter-notebook, jython, reverse-engineering
Language: Python
Size: 283 KB
Stars: 27
Watchers: 7
Forks: 2
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Lists

awesome-ghidra - ghidra-jython-kernel - Jupyter Kernel for Ghidra's Jython (Ghidra Scripts/Plugins/Extension)

README

        [![Actions Status](https://github.com/AllsafeCyberSecurity/ghidra-jython-kernel/workflows/ghidra-jython-kernel%20test/badge.svg)](https://github.com/AllsafeCyberSecurity/ghidra-jython-kernel/actions)

# Ghidra Jython Kernel

Jupyter kernel for Ghidra's Jython.



## Install

```bash

$ pip install ghidra-jython-kernel

# make sure GHIDRA_INSTALL_DIR is defined

# don't forget to add this line in your shell config (i.e. bashrc, zshrc)

$ export GHIDRA_INSTALL_DIR=/path/to/your/ghidra_installation_folder

```

## Usage

Run your Jupyter(`jupyter notebook`), and select `GhidraJython` named kernel.

Note that, unlike GhidraPython plugin's interpreter, in the context the current running Jython interpreter, you have to import program by yourself. This means, pre-initialized variables in GhidraScript, like `currentProgram` or `state`, aren't available unless you import manually. You can import programs as following.

```python

from ghidra.app.util.importer import MessageLog, AutoImporter

from ghidra.program.flatapi import FlatProgramAPI

from ghidra.util.task import TaskMonitor

from ghidra.util import Msg

from java.io import File

from java.util.function import Consumer

class Cons(Consumer):

    def __init__(self, fn):

        self.accept = fn

def import_program(filepath, enable_analysis=True):

    program = AutoImporter.importByUsingBestGuess(

        File(filepath),

        None,

        Cons(lambda x: Msg.error(None, err)), 

        MessageLog(),

        TaskMonitor.DUMMY

    )

    

    flatapi = FlatProgramAPI(program)

    

    if enable_analysis:

        flatapi.start()

        flatapi.analyze(flatapi.currentProgram)

        

    return flatapi

ghidra_app = import_program('/path/to/your/program')

# now you can access to `currentProgram`

ghidra_app.currentProgram

```