4 links
tagged with all of: reverse-engineering + automation
Links
pyghidra-mcp is a headless Model Context Protocol server for Ghidra that enables project-wide analysis of multiple interdependent binaries. By integrating automation with AI capabilities, it allows for seamless tracing of function calls across an entire software ecosystem, enhancing reverse engineering and vulnerability research. The tool supports comprehensive insights into complex applications by exposing an entire Ghidra project for analysis in a single session.
VMDragonSlayer is an advanced framework designed for the automated analysis of binaries protected by various Virtual Machine (VM) protectors, utilizing multiple analysis engines such as Dynamic Taint Tracking and Symbolic Execution. Its goal is to streamline and enhance the reverse engineering process, transforming what typically takes weeks or months into efficient, structured analysis. The framework supports integration with popular reverse engineering tools and features a modular architecture for extensibility and custom workflows.
A comprehensive guide for setting up a Windows virtual machine and various tools for reverse engineering and malware analysis. It covers installation steps for essential software, debugging techniques, and methods for manipulating Portable Executable (PE) properties, alongside practical exercises involving malware samples and code execution through DLL sideloading. The article emphasizes the automation of processes and validation through GitHub workflows.
Automated Function ID database generation in Ghidra streamlines the reverse engineering process for binaries lacking symbol information by allowing analysts to create and apply function signatures. The article discusses utilizing scripts and PowerShell to extract object files from static libraries, import them into Ghidra, and generate function signatures, enhancing the clarity and efficiency of vulnerability analysis in software.