Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/felberj/gotools
Plugin for Ghidra to assist reversing Golang binaries
https://github.com/felberj/gotools
ghidra golang reverse
Last synced: 3 months ago
JSON representation
Plugin for Ghidra to assist reversing Golang binaries
- Host: GitHub
- URL: https://github.com/felberj/gotools
- Owner: felberj
- License: mit
- Created: 2019-04-06T20:09:07.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2021-04-12T08:42:52.000Z (over 3 years ago)
- Last Synced: 2024-06-20T11:13:23.963Z (5 months ago)
- Topics: ghidra, golang, reverse
- Language: Java
- Homepage:
- Size: 37.1 KB
- Stars: 303
- Watchers: 12
- Forks: 40
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-ghidra - gotools - Plugin for Ghidra to assist reversing Golang binaries (Ghidra Scripts/Plugins/Extension)
README
Go Plugin for Ghidra
=============================
Plugin to assist reversing Golang binaries with Ghidra.
This is in a VERY early stage and for now only handles linux/x86_64 binaries.
# Installation
1. [Download the release](https://github.com/felberj/gotools/releases) for your Ghidra version
2. Copy ZIP to `$GHIDRA_DIR/Extensions/Ghidra/`
3. Start Ghidra, `File > Install Extensions`, check the box next to *gotools*
4. Restart Ghidra
# Usage
When importing, select the Language **x86:LE:64:golang:default**
# Features
- Recover function names
- Recover number of arguments and return type
# Developers
Code formatted with
`clang-format -i -style=Google src/main/java/gotools/*.java`
# References
- [Reversing GO binaries like a pro](https://rednaga.io/2016/09/21/reversing_go_binaries_like_a_pro/)
- [pkg/runtime documentation](https://golang.org/pkg/runtime/)
- [The Go low-level calling convention on x86-64](https://science.raphael.poss.name/go-calling-convention-x86-64.html#strings-and-slices-use-two-and-three-words)