This project contains a collections of scripts that can detect many kinds of CWE automatically. It mainly based on what I do in a internship.
This can be a great example for Ghidra scripting, and it is well documented so you won't miss any important details(Hopefully 🤔).
There some common setup use should do before get hands on those scripts.
-
Of course, because it is all use
Ghidraas disassembly tool, you must hadGhidrainstalled on your machine.The installation can be Found on
Ghidra's official site, or if you usemacOSwithhomebrewinstalled, you can simply run following command then you are ready to go.$ brew install ghidra
-
ghidra_bridge(optional)
In order to run python script, you may wanna to use ghidra_bridge. It's a must if you wanna running python script.
ghidra_bridgeuse custom rpc call to communicate with a server installed in ghidra, syncing data between client and server. So you can use python3 to write all logic and don't need to worry syntax compatibility withJython.To use
ghidra_bridge, running following commands in your terminal, more details please refer to ghidra_bridge.# Install ghidra_bridge package $ pip3 install ghidra_bridge # Install the server as a ghidra plugin $ python3 -m ghidra_bridge.install_server ~/ghidra_scripts
After installation of ghidra_bridge, open ghidra then start the server, happy exploring yourself.
-
Z3 Prover(optional)
Some script may need a SMT Solver, install it with following commands if it needs one.
$ pip3 install z3-solver
-
Juliet Test Suite(optional)
If you wanna test what could the script do, I recommend you to take a look at Juliet Test Suite. You can use it against scripts in this repo to see what result it would output. Or you can use it against your own tools.
More details on Juliet Test Suite and the subfolder.
The whole project arranged by the name of CWE, each folder contains a python(or java) script that you can run with the instructions alongside the script.
There is a list of all scripts: