Skip to content
/ InsecureFunctionFinder Public

A Ghidra plugin to automatically find known insecure functions and will create a bookmark to quickly traverse to that location for review.

License

MIT license
5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Xenios91/InsecureFunctionFinder

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
InsecureFunctionFinder.java
InsecureFunctionFinder.java
 
 
README.md
README.md
 
 
license
license
 
 

Repository files navigation

Insecure Function Finder

General Information

  • Author: Corey Hartman
  • Language: Java 17 (should be compatible with Java 8+, as no features I believe above 8 were utilized)
  • Description: A Ghidra plugin to automatically find known insecure functions and will create a bookmark to quickly traverse to that location for review.
  • Currently works for the following functions: atoi, atol, atoll, exec, gets, memcpy, printf, sprintf, strcat, strcpy, strlen, strncpy, system, vsprintf

Installation/Compilation

  • Requires Ghidra
  • Just place this script in your Ghidra plugins folder, which can be created by selecting "Manage Script Directories" in Ghidras Script Manager.
  • Note: This was tested on Ghidra 10.4.1, older versions may not work as intended.

Utilization

  1. Perform analysis with Ghidra.
  2. Open Ghidra's Script Manager.
  3. Double Click InsecureFunctionFinder.java
  4. Open Bookmarks to review discovered insecure functions.

About

A Ghidra plugin to automatically find known insecure functions and will create a bookmark to quickly traverse to that location for review.

Topics

static-analysis security-tools ghidra-scripts

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages