Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/allsafecybersecurity/ghidra-jython-kernel
Jupyter Kernel for Ghidra's Jython
https://github.com/allsafecybersecurity/ghidra-jython-kernel
ghidra ghidra-scripts jupyter jupyter-notebook jython reverse-engineering
Last synced: about 2 months ago
JSON representation
Jupyter Kernel for Ghidra's Jython
- Host: GitHub
- URL: https://github.com/allsafecybersecurity/ghidra-jython-kernel
- Owner: AllsafeCyberSecurity
- License: mit
- Created: 2019-12-28T08:46:20.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2022-04-13T22:58:08.000Z (over 2 years ago)
- Last Synced: 2024-08-04T01:02:18.089Z (5 months ago)
- Topics: ghidra, ghidra-scripts, jupyter, jupyter-notebook, jython, reverse-engineering
- Language: Python
- Size: 283 KB
- Stars: 27
- Watchers: 7
- Forks: 2
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
[![Actions Status](https://github.com/AllsafeCyberSecurity/ghidra-jython-kernel/workflows/ghidra-jython-kernel%20test/badge.svg)](https://github.com/AllsafeCyberSecurity/ghidra-jython-kernel/actions)
# Ghidra Jython Kernel
Jupyter kernel for Ghidra's Jython.
## Install
```bash
$ pip install ghidra-jython-kernel# make sure GHIDRA_INSTALL_DIR is defined
# don't forget to add this line in your shell config (i.e. bashrc, zshrc)
$ export GHIDRA_INSTALL_DIR=/path/to/your/ghidra_installation_folder
```## Usage
Run your Jupyter(`jupyter notebook`), and select `GhidraJython` named kernel.
Note that, unlike GhidraPython plugin's interpreter, in the context the current running Jython interpreter, you have to import program by yourself. This means, pre-initialized variables in GhidraScript, like `currentProgram` or `state`, aren't available unless you import manually. You can import programs as following.
```python
from ghidra.app.util.importer import MessageLog, AutoImporter
from ghidra.program.flatapi import FlatProgramAPI
from ghidra.util.task import TaskMonitor
from ghidra.util import Msg
from java.io import File
from java.util.function import Consumerclass Cons(Consumer):
def __init__(self, fn):
self.accept = fndef import_program(filepath, enable_analysis=True):
program = AutoImporter.importByUsingBestGuess(
File(filepath),
None,
Cons(lambda x: Msg.error(None, err)),
MessageLog(),
TaskMonitor.DUMMY
)
flatapi = FlatProgramAPI(program)
if enable_analysis:
flatapi.start()
flatapi.analyze(flatapi.currentProgram)
return flatapighidra_app = import_program('/path/to/your/program')
# now you can access to `currentProgram`
ghidra_app.currentProgram
```