Skip to content
/ brocstruct Public

Ghidra plugin for automatic struct definition extraction from executables.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

brocbyte/brocstruct

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
ghidra_scripts
ghidra_scripts
 
 
gradle/wrapper
gradle/wrapper
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
build.bat
build.bat
 
 
build.gradle
build.gradle
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 

Repository files navigation

brocstruct

Brocstruct is a work-in-progress Ghidra script for automatic struct definition extraction from executables.

It is based on Ghidra's P-Code analysis and "theoretically" can work for all architectures supported by Ghidra itself.

The main idea is to track all LOAD/STORE accesses of the form *(arg + offset). For now it works inside functions only (no interprocedural analysis).

There are already more mature plugins/scripts to do the same:

About

Ghidra plugin for automatic struct definition extraction from executables.

Topics

reverse-engineering symbolic-execution p-code ghidra ghidra-scripts

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages