Binary Ninja Sidekick 2.0: Analyzing Ransomware with Large Language Models

Throughout this video we look at the 2.0 features of the Binary Ninja's Sidekick plugin, which leverages AI and Large Language Models (LLMs) to assist during the reverse engineering process. We use these features to identify and decrypt an embedded Donex ransomware configuration. Sidekick 2.0 blog: https://binary.ninja/2024/08/12/sidekick-2.0.html Training: https://training.invokere.com/course/imbtbn Merch: https://shop.invokere.com Twitch: https://www.twitch.tv/InvokeReversing Twitter: https://twitter.com/InvokeReversing Mastodon: https://infosec.exchange/@invokereversing 0:00 Introduction 0:45 Find Crypto Functions with Analysis Workbench 5:00 Sidekick Coding Assistant 7:17 Operator Overview 10:48 Finding and Decrypting Ransomware Configuration 12:47 Sidekick Assistant Code Reimplementation 15:05 Code Insight Map 17:46 Outro