Hi, Thanks for this tutorial.
I just installed the latest Ghidra version and I am having a problem running the debugger.
I followed the Ghidra help files but it simply does not run.
Do you have a tutorial regarding the Ghidra debugger on Windows?
Thanks
thank you
What's the point of disabling networking while doing static analysis?
I always disable the networking while doing any analysis; it is now just muscle memory.
But, the big reason why I put it in this video is just in case a viewer decided to not rename the *.exe to *.xxx and accidentally double click on it. Yes, maldev.exe is toothless but I want to engrain security in layers in the viewers' mind in case they do decide to "statically analyze" a dangerous malware and accidentally execute it.
Have you considered a video on using the GDB debugger with Ghidra to do dynamic analysis? Is it possible to work on Windows as well?
Can we view the memory and bytes stored in memory to better understand buffer overflows? For instance, how can we change the return value of a function call with a buffer overflow in Ghidra?
Bryce! Historically, you could not do that with Ghidra... until now. Ghidra 10 now has an integrated debugger so we can now do that!
Once I feel comfortable with it, I will make a video on how to use the Ghidra Decompiler and how to perform a buffer overflow :)
but you can make the same video with the imusic aimersoft program?
"make the same video with iMusic"... so, like... a "How to Install iMusic" video?
@@stryker2k2 I don't need it anymore for now thank you very much and have a good day carlo
Amazing 👏
for me it says enter directory and when I do it it says "failed to find supported jdk" even though I have it installed
Try "Amazon Corretto" instead. Java JDK has been giving people issues... to include myself on subsequent installations. Corretto is Amazon's own flavor of Java and it works really well.
@@stryker2k2 perfect that worked. thanks for helping and for the fast reply
If I download the maldev file it detects it as a virus. I have tried to disable the firewall and the Defender protection but it blocks it anyway. Do you know a way to download the file anyway? A thousand thanks
Windows Defender Exclusions support.microsoft.com/en-us/windows/add-an-exclusion-to-windows-security-811816c0-4dfd-af4a-47e4-c301afe13b26
@@stryker2k2 I no longer need ghidra as I have found the program and I am no longer interested in the program as I have found the special program all free so I do not see it paying
don't work already prompt .... :-(
What do you mean?
already the prompt question line at start
useful
Thanks a ton! I just posted a new Ghidra video today to complement this one :)
❤️🔥🔥🔥
What about linux? ;)
What is Linux? Hahaha! 🤣 I'd LOVE to make a video on how to install it on Linux!
I am extremely intimidated by assembly code.
It can be quite overwhelming at first. It takes a while to get comfortable with it but it does become easier as you go along.