#Hacktivity2022 // Automating Binary Analysis with Ghidra's P-Code by Gergely Révay

1.3K views
Dec 7, 2022
37:36

Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. It provides a great free and capable alternative to IDA Pro and Binary Ninja for manual static binary analysis. A lesser-known fact is that Ghidra also provides a great API and an even better SDK for writing Ghidra scripts. It also has an intermediate language called P-Code. P-Code lies between the assembly code and the decompiled code that the Ghidra UI shows. In this talk, we are going to focus on the combination of these two features and start building binary analysis tools using Ghidra P-Code. This setup has some significant benefits. Just to mention one, if you are only working with P-Code and never look at the assembly, then your script will be architecture-independent and will support all architectures that are supported by the Ghidra decompiler. https://www.hacktivity.com
