Binary Ninja Blog

Are you ready for the next stable Binary Ninja release? 3.1 is live today and contains many major improvements:

• Better Performance
• Non-Commercial Multithreading
• Clang Type Parser
• New Windows Types
• Native Debugger
• Logging System
• Enterprise API

If you were expecting 3.1 to be the “Windows” update, we were too as that was the original plan! However, given the scope of major new features, we split the original release plan into two halves. While many Windows improvements are indeed coming in 3.1, others are now planned for 3.2, the new “Windows” release.

The last time we did a State of the Ninja post was slightly over 2 years ago. Coronavirus was hitting record highs, the world was in lockdown, the episode number was 13… They were trying times to be sure. It was also right before our 2.0 release that included HLIL. Pretty crazy how far we’ve come in such a short span of time, right?

Today, we’re about 3 months past our release of Binary Ninja 3.0. That version came with a huge amount of new features for everyone to play with like:

• A fresh, new UI
• Decompilation to ‘Pseudo C’
• New stack and variable views
• The preliminary release of Workflows

…and a whole bunch of other cool stuff like various API improvements, native builds for the M1 chip, and offline updates for our Enterprise customers.

But, that was 3 months ago. Today, I want to talk about what we’ve been working on since. We’re releasing 3.1 in the next month or so, but some of these features are already done and shipped in our development builds for you to try today.

We are well aware that analyzing large binaries in Binary Ninja right now can use a significant amount of memory. So, as we develop what will become our next release, 3.1, we are focusing on improving performance across the board. As a preliminary step, all Binary Ninja development builds starting from 3.0.3306-dev now include some of these memory usage and performance optimizations.

If you would like to check out these changes and help us test them, you can change your update channel in Preferences -> Update Channel… within Binary Ninja. Just set it to the “Binary Ninja development build” channel, select a version greater than or equal to 3.0.3306-dev, and click “Done”. Once Binary Ninja has downloaded the new version, click the green arrow in the bottom-left corner and Binary Ninja will restart and apply the new update.

We’re excited to announce Binary Ninja 3.0 is live today! Most of our stable releases have been quarterly, but this 3.0 release took over six months, and this list of improvements really justifies it.

So what has this wait brought you? Here’s our top eight favorite (with many more below).

• Fresh UI
• Pseudo C
• API Improvements
• Stack and Variable Views
• Workflows
• Enterprise: Offline Updates
• Function Parameter Detection
• M1 Native

In fact, this release is so chock full of good stuff that five of the top nine all-time most up-voted features are shipping in this release! (Related: go up-vote your favorites for upcoming releases.)

In the first installment of this series, we got a Z80 architecture up and running with disassembly and control graphs. In this second installment, we’ll add lifting and discuss Binary Ninja’s intermediate languages.

We are so happy to announce the release of our long awaited Binary Ninja Enterprise product. Throughout my 17-year reverse engineering and vulnerability research career I’ve wanted a way to collaborate with my teammates and coworkers. We tried many open source solutions which would eventually get out of sync or corrupt our database. We even wrote our own solution thinking, “We’re not going to make the same mistakes all those other schmucks made!” Only after months of wasted effort did we realize how difficult the problem was and that the platform we were trying to implement collaboration with was very deeply incapable of supporting such a feature.

When we started developing Binary Ninja in 2015 we knew at a fundamental level that we needed the product to be able to support collaboration. This goal influenced many of the design decisions throughout our development. Finally, two years ago (almost to the day), we committed the first lines of code on the product that we’re releasing today. We’re so proud of the product our engineers created, especially Glenn and Josh who saw our vision through.

As we kick off this year’s Reverse Engineering Survey (don’t forget to submit before October 7 to be eligible for the prizes), we wanted to spend some time digging into last year’s results and showing some of what we learned. And surprisingly, that includes the question of exactly how humble are reverse engineers! In total, our 2020 survey had 582 responses, of which 52% were Binary Ninja users. That’s not surprising since people likely to hear about the survey are necessarily more likely to already be Binary Ninja users.

Given that, this is definitely a biased sample of the total set of reverse engineers so make sure to take that in mind when considering the results.

The Grand Reverse Engineering Challenge is an event that tests reverse engineer’s ability to break some of the strongest methods to protect software. The protections include control flow flattening/indirection, integer encryption, virtual machine protection, and anti-debugging, etc. Most of the challenges are protected by the Tigress obfuscator. Tigress offers plenty of methods to obfuscate and protect software. It is well-known for these challenges. Attempts to solve them often lead to interesting results.

One noticeable difference from other CTFs is that the reverse engineers are asked to install a piece of monitoring software on their machine (presumably a dedicated virtual machine). The software collects data on how reverse engineers deal with the challenges. The collected data will be later used for research purposes. I am glad to contribute to the research community, so I do not feel these requirements intrusive. After all, I did it on a clean VM.

In this blog post, I will explain how I solved one of the obfuscated challenges with Binary Ninja. Also, it is worth mentioning that I am lucky to win the event and earn prize money of 5,000 USD!

Binary Ninja has always had great support for user-created themes. While implementing a new theme is an easy process, designing a theme can be challenging. My goal is for this post to serve as a reference resource for those interested in creating themes for Binary Ninja. It will cover both the theory behind designing a theme, as well as the best practices for implementing one.

It’s that time again – we’ve just released another stable version, 2.4. This is the last in our line of 2.x updates, with our next stable update 3.0 coming next. While 3.0 contains a brand new UI overhaul, even this 2.4 release is chock-full of fantastic features, bug-fixes and improvements alike. The most notable new features include:

• Enhanced decompiler array support
• Search improvements
• Filtering and collapsing of types
• Plugin Manager dependency installation
• Automatic structure creation
• Function properties dialog