You can add Python script to Ghidra (software for reverse engineering).
Ghidra API and Python helps you automate some reverse engineering tasks.
- Create a folder at
~/ghidra_scriptsand move Python scripts in it. - Inside Ghidra, go to
Window -> Script Mananger. - In the toolbar, click on
Manage Sript Directoriesand enable$USER_HOME/ghidra_scripts. - Now you can search for your scripts with the search bar and double click on it to run it.
Find all the XOR opcode where operand 1 != operand 2 in the .text section.
Example :
find_xor_with_different_registers.py> Running...
[INFO] You can click on address to view it in the dissasembler (listing) view.
[INFO] Looking for XOR ...
[INFO] 0x08048cd8 : XOR EAX,0x30
[INFO] 0x08048e30 : XOR EDI,dword ptr GS:[0x14]
[INFO] Done !
find_xor_with_different_registers.py> Finished!