Binary Ninja Blog

The Command Palette is one of the primary interfaces for interacting with Binary Ninja, and has been for almost as long as Binary Ninja has existed. Now, in the upcoming Jotunheim release, the Command Palette is getting more powerful! Beyond just searching menu items, you will be able to search Functions, Types, Strings, and more!

Binary Ninja Enterprise 2.0 is here, and it’s a free upgrade for all active customers! While we plan on supporting the current Enterprise 1.2.x branch for our next few Binary Ninja releases to give customers time to migrate, Enterprise 2.0 already comes with a significant upside: An on-premises version of our new WARP service. To get started, customers with active support can find the server installers in the customer portal, or have them sent via email using the license recovery system. (Note: A v1.x manage_server will not update itself directly to v2.0. We wanted to make sure your current servers wouldn’t update unexpectedly.)

• Highlights
• WARP: On-Prem
• Server Deployment
  • Client Installers
• Upgrade Path
• Get Started Today!

In this blog post, we will take a close look at a Linux binary loaded with various anti-reverse-engineering techniques. The binary is the final boss from the book Programming Linux Anti-Reversing Techniques by Jacob Baines. I will also take this opportunity to show off some Binary Ninja tricks that can speed up your daily analysis!

In this walkthrough, you will learn how to:

• Handle malformed ELF headers and segment tricks
• Work with encrypted and obfuscated code (XOR and RC4)
• Navigate Binary Ninja’s segment and section editing capabilities
• Use powerful selection and transformation features
• Understand the design decisions behind Binary Ninja’s analysis heuristics
• Apply practical workflows for analyzing real-world malware and CTF challenges

For customers who prefer to operate on stable branches, we have released an “R2”, or second release of the Io, 5.2 release. It includes multiple small stability improvements, crash fixes, update fixes for Linux ARM builds, and fixes to WARP, DWARF, and Ghidra Import.

As always, customers with active support on the development branch have access to these changes and more.

For the last few months, we’ve been hard at work on today’s release, Binary Ninja 5.2 (Io)! This release delivers some of our most impactful and highly requested features yet, including bitwise data-structure support (second most requested), container support (fifth most requested), full Hexagon architecture support for disassembly and decompilation, and much more. Under-the-hood, 5.2 also contains some other improvements that will help us chart a course toward even bigger improvements in the future.

Update: A second release (R2) with stability improvements and bug fixes is now available.

Let’s dig in!

Since Binary Ninja 4.2, users have been able to enable WARP, and now with Binary Ninja 5.1 we are finally enabling it by default! WARP has received many features users have been asking for, and a healthy amount of polish on top of that as well. In this blog we’ll describe what WARP is, how it works, and how you can use it to improve your reverse engineering experience.

We’re back with a small hotfix for our recent 5.1 Helion release. Following our usual practice for stable releases, we’ve bundled together several important fixes that have come to light since the original 5.1 launch, along with a new Sidekick sidebar feature.

This release focuses on stability improvements across WARP, the debugger, and Enterprise collaboration, plus some nice UI enhancements. For users on our development branch, these fixes are already available alongside additional features.

With the 5.1 Helion release, we introduced a new capability for architecture plugins that enables function-level basic block analysis by overriding the default implementation. This feature provides powerful new flexibility for performing control-flow recovery on architectures where instruction-level or even basic block-level analysis alone is inadequate for building an accurate control flow graph (CFG). In this post, we demonstrate how this mechanism can be leveraged to resolve zero-overhead hardware loops and accurately identify branch targets in parallel instruction pipelines.

Global pointer usage is an important yet often overlooked concept in reverse engineering. This article explains what it is, how it interacts with Binary Ninja’s analysis and the relevant APIs and settings. This can hopefully help you master it in your day-to-day reverse engineering!

We’re excited to announce Sidekick 5.0 - our latest vision for AI-assisted reverse engineering with Binary Ninja. In this release, Sidekick comes with a new capability to proactively work on tasks that complement your efforts without requiring your supervision. Sidekick also captures and maintains insights from this analysis in a new, fully editable knowledge store called the Notebook. Additionally, we’ve made many important changes and improvements to ensure that Sidekick continues to make reverse engineering faster and easier than ever.