mirror of
https://github.com/NationalSecurityAgency/ghidra.git
synced 2024-11-22 04:05:39 +00:00
.. | ||
images | ||
BSimTutorial_Basic_Queries.md | ||
BSimTutorial_BSim_Command_Line.md | ||
BSimTutorial_Creating_Database_From_GUI.md | ||
BSimTutorial_Enabling.md | ||
BSimTutorial_Evaluating_Matches.md | ||
BSimTutorial_Exe_Results.md | ||
BSimTutorial_Filters.md | ||
BSimTutorial_Ghidra_Command_Line.md | ||
BSimTutorial_Intro.md | ||
BSimTutorial_Overview_Queries.md | ||
BSimTutorial_Scripting.md | ||
README.md |
BSim Tutorial
BSim is a Ghidra plugin for finding structurally similar functions in (potentially large) collections of binaries. It is based on Ghidra's decompiler and can find matches across compilers, architectures, and/or small changes to source code.
This tutorial demonstrates how create a small BSim database and walks through some typical use cases.
Detailed information about BSim can be found in the "BSim" entry of the Ghidra Help.
- Introduction to BSim
- Starting Ghidra and Enabling BSim
- Creating and Populating a BSim Database from the GUI
- Basic BSim Queries
- Ghidra from the Command Line
- BSim from the Command Line
- Evaluating Matches
- From Matching Functions to Matching Executables
- Overview Queries
- BSim Filters
- Scripting and Visualization
Next Section: Introduction to BSim