Month: March 2019

Daenerys: IDA Pro and Ghidra interoperability framework

elias Ghidra, Reverse Engineering

Ghidra has only been released for a short while and the RCE community started adopting it (scripts, tutorials, articles, etc.) really quick. Since Ghidra is free and open-source (coming soon™), I expect a torrent of contributions in the form of tools, plugins and scripts.

I think it is important not to create a schism between IDA users and new Ghidra users because that will not benefit the RCE community. For that reason, I think it would be cool to have a simple way to seamlessly run scripts between the two SRE frameworks.

Today I introduce the Daenerys framework that lets you run IDA scripts in Ghidra and vice versa. Since I am a long term IDA user, it is easier for me to start writing the IDA-to-Ghidra adapters first. As time goes by, I will become more familiar with Ghidra’s APIs and will be able to write the adapters that let users run Ghidra scripts seamlessly in IDA as well.

If you have watched the Game of Thrones show, you are perhaps familiar with Daenerys Targaryen (aka “The mother of dragons”). I chose her name for this project because IDA’s logo is represented by a certain medieval lady and Ghidra by a dragon (some say from the GodZilla lore / King Ghidorah). Having the Daenerys framework’s logo as a lady and a dragon standing on equal footing represents a harmonious relationship between the two.

If you are a graphics designers, I would appreciate it if you can create a logo for the framework better than the one I found using Bing.com’s public domain image search.

The Daenerys framework is still in its infancy and your contributions/suggestions are welcome.

Finally, I hope the RCE community continues to strive and becomes more accessible to everyone interested in the field.

Ghidra: A quick overview for the curious

elias IDA Pro

Ghidra, is a software reverse engineering (SRE) suite of tools developed by NSA’s Research Directorate in support of the Cybersecurity mission. It was released recently and I became curious about it and wanted to check it out.

I have not researched to see if someone else did a similar overview article or not, however, I am writing this article for myself and those who don’t want to run Ghidra themselves and just want to learn a bit about it.

I know that it is unfair to compare Ghidra to IDA Pro, but I cannot help it: I am a long time user of IDA Pro and it is my only point of reference when it comes to reverse engineering tools.

This article is going to be long and will contain lots of screenshots. I just started playing with Ghidra and therefore, I might be wrong or might be presenting inaccurate or incomplete information so please excuse me ahead of time.

Table of contents

Continue reading