One of the developers here, been planning on doing some coordinated posts about it, just been super busy at DEF CON this week. Happy to answer questions though.
Nope, just an unfortunate name collision. We've been using binary ninja as the name of the tool for many years now, but it was a private tool that nobody knew we had it for the first few years for CTFs (this is the python version we open sourced before we started rewriting it) so they just happened to start using a similar team name some time after that.
The domain name time stamps should show that if it matters, though I don't think it really does.
I don't know what Radare does, but after I read your comment I installed Radare2 (because binja didn't let me save my file). I didn't get anywhere because Radare2 looks like it has a super steep learning curve, whereas with binja I just right-clicked the jump that looked like it'd do what I want and selected "Patch -> Never jump".
I'm not sure why you're dismissing usability, but it's a very big feature in a tool, one of the most important ones.
It's important, but the market share of Vim is roughly inverse porportional to how important it is.
Anyways, yeah, Radare isn't super usable. I'd guess I only understand 10% of it. And Radare2 is in active development, and wasn't totally ready for prime time, which is what I thought the usability comment was about.
Been using this for quite some time - psifertex and crew have really done an incredible job in a pretty short period of time. Highly recommend checking it out, especially if you're sick of the shittiness of IDA. Only thing it's missing is some solid decompilers.
Sorry to seem a bit daft, but I'm looking for a definition of 'reversing platform' and I'm not getting much. What is this for and what does it do? Who would use it?
On the other hand, Binary Ninja is the first result, so in some ways, you've got the SEO right :)
"reversing" in this sense is shorthand for "reverse engineering" or the analysis and reconstruction of the code for a executable binary at the assembly language level without the benefit of the original source code or debug symbols. The most common legitimate use is for analyzing malware and viruses. The best known product in this field is IDA Pro. (It would have been nice for the site to provide a comparison between the two, since such a comparison is inevitable anyway.)
Poking around the demo this feels really polished, which is a welcome change from most tools in this space, as they tend to be awkward at best. I look forward to future features.
- Why do you copy IDA and have a 32bit only demo? I can't actually evaluate this properly as everything I care about reversing these days is x64
- Doesn't seem to be any python/API plugin support? I hope you are thinking about how you will support plugins from the start, and not tack it on later (usually this results in hell for dev and users - see IDA's shitty plugin architecture)
- In the non-callgraph disassembly mode, it's difficult to follow. I think there is an overload of colour/styles
TLDR; Nice interface, clean gui, but lacking many features of IDA. The features it does have seem to work well though. I will be keeping an eye on this in future.
IDA is typically too expensive for hobbyist reverse engineers, not to mention has a pretty steep learning curve for it. If this helps introduce new people into reverse engineering I'm all for it.
Don't take it the wrong way. It looks like a nice start. I just wish for better reversing tooling, and am merely giving a critique that if this was to replace IDA for me, it'd have to provide something that IDA does not.
There's plenty of things IDA does that we don't do, but the list of things we do they don't is growing.
To start with, we have undo, which is a simple feature but it underlies some design decisions that are going to show up in other features in the near future as well.
Because we have the ability to separate user interactions from our internal analysis we can not only undo, but also better support collaborative editing and upgrading of older saved databases.
In terms of features we already have, we have a static data flow implementation that allows you to query register values at addresses which greatly simplifies a lot of analysis plugins. Here's an example:
I see that you have faithfully replicated at least some of IDA's insane graph view glitches.
Do you have the one where a line goes to one side by more than a screen's width, goes down a tad, and then goes back sideways to nearly where it started?
I can't patch stuff unless Binary Ninja works, and I can't get it to work unless I can patch stuff! :(
I'm afraid I'm not knowledgeable enough to do it by hand. I can make a jump always fail by setting the instructions to NOPs, but I can't recalculate offsets and things required to turn a jne into a jmp...
Their main competitor is IDA Pro, which goes for $1129 for its "standard" edition. There is a version of IDA Pro that's only $589, but it supports only 32-bit code.
It is very easy to make an argument that IDA Pro is so fantastically underpriced that it has killed the market for these kinds of tools by setting a bad price point.
I'm sure there are tons of random people on HN that would love to learn more about RE by tinkering with tools like this, or maybe even that have $50 worth of work to throw at it. But in the real world, most of the market for IDA Pro is made by consultants and in-house security teams, all of whom realize something far closer to $100,000 in value from IDA, annually, than $3999.
Meanwhile, if you want to sell a reversing tool that integrates with IDA --- something like BinNavi or BinDiff --- you have to cope with IDA's $3999 price point. Whatever you sell will inevitably have to be cheaper than that. Result: most of the product talent in this space goes to appliances that sell for $50,000 a pop and only to companies that will buy 6+ boxes in a pilot.
Binary Ninja is cheap. But it's also a labor of love.
Seconded. I have a reverse engineering practice with my consultancy. Investing ~$5000 into IDA tooling has returned over $100k for me this year. Granted, it helps that this investment is tax deductible for me.
People who say that IDA Pro is expensive are not HexRays' primary market, or they have not been professionally reversing software for very long. The product is just phenomenally cheap from a value-added perspective. Open source alternatives are pretty good, and if you're focusing on iOS applications Hopper is nice, but for a one-stop shop on all platforms with excellent support and superlative features, IDA easily kills the competition.
My reverse engineering practice routinely returns more than my AppSec practice on fewer engagements. That's also just for reverse engineering, not for specialties involving reverse engineering (such as blackbox cryptanalysis, malware analysis, blackbox binary auditing, exploit development, etc).
Trying to understand as someone who's not a security professional:
Is IDA like Visual Studio or XCode - you basically need this to do your work - or is it more like Sublime Text or Text Mate or Github - boosts productivity but many people get by without it?
Cost of IDA is nothing. Actual problem is that you can't really buy it at all if you're not well-known expert or AV company employee. Plenty of people would be happy to buy it, but they can't.
>>Actual problem is that you can't really buy it at all if you're not well-known expert or AV company employee. Plenty of people would be happy to buy it, but they can't.
This is patently false. You can buy all HexRays products online.[1] I've done it myself. I'm confused as to why you're claiming this.
To add yet another data point: Hex-Rays refused to sell IDA to me at first (I quote: "Please contact us from your corporate email address for verification. We do not deliver to free email accounts."). I had to use my @google.com address to confirm I am a Google employee even though this is a personal license!
Lucky you then. They simply not selling it to someone who reverse engineer old games for instance. Or anyone who decide to not send them scan of their passport and provide any other weird proof of identify.
PS: Just in case not everyone live in first world countries or being employee of well known companies. While it's possible to buy almost any software just fine IDA have extremely weird policies.
Hi, I bought a copy of IDA when I was 18 expressly for the purpose of reverse-engineering old games.
To be fair, I used my university E-mail, and they thought they were licensing it to my university until I tried to transfer it to my personal E-mail upon graduating....
There are other ways to obtain this, as you probably already know. Not sure if they do any more than what another ecommerce shop would do to verify a large transaction from an international order.
Anyone else have a problem with this? Are they indeed requiring more than the normal proof of identity to complete a cc transaction?
Should be out in a week or two. Most of the code changes are done, we're just taking a break between DEF CON / recuperating from a lot of long nights getting the first release out.
It should only take a day or two once we get working again.
When it says the non-commercial version lacks "High-Performance Multi-Threading", does that mean all decompiles are going to be single-threaded, or every kind of worker in the entire platform, or ?
I (mostly) understand the rationale of not wanting to make it easy to bulk-decompile binaries for supposedly "non-commercial" users, but I'd be wary of seeing how much personal usability suffers before signing the dotted line.
Assuming they ship the version with it enabled in the cheaper versions. It's always been hilarious to me that the software which is used to remove license checks and registration schemes has those things. IMO give it away and sell commercial licenses as support / etc. seems like given all the trouble trying to implement DRM and checks for the people who are most skilled at breaking those things is kinda pointless for the returns you get. Also, your product would likely generate a lot of good will and user adoption, since seriously a lot of people who want this stuff aren't even 18 yet and couldn't afford it anyway. Just give it to them, let them grow up learning how to use it, then sell it to their employer some day. Adobe and MSFT do this at the university level with great success.
For reverse engineering of protocols and formats for legacy software that was developed decades ago with no source code available. This is totally legal in many cases since there tons of companies that lose source for their own software.
Yup! QT. Electron might be fast enough for graph view, I don't know, we'd have to test it. The good news is that the core is completely separable from the interface so we could re-architect the GUI if needed.
If you do happen to be at DEF CON we're actually having a meet up this evening: https://twitter.com/vector_35/status/762050462195396608