Support analyzing a binary ninja database #2496
Labels
Comments
|
Apparently the same can be done with other backends as well |
|
Yes, that would be very neat. With idalib it should be not too complicated to adjust for IDA for example. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It would be great if capa can directly take a binja database as input for analysis. A common situation is a binary needs to be pre-processed in binja to remove certain packing/obfuscation. Right now we have to somehow export the PE to have it be processed by capa.
This is not only less-convenient, certain changes made in binja does not necesarily show up in the exported PE. Think of when you add a new segment in the analysis database, it would not be part of the exported PE. Another less obvious case is when the IL has been rewritten by a workflow -- there would be no way to export the resulting IL to the PE
As such, it would be great if capa can directly take a binja database as input and ask binja to do the feature extraction
Related to #2489
The text was updated successfully, but these errors were encountered: