![]() ![]() Decompiling is often about figuring out data structures both will infer a lot of struct types and sometimes even names based on usage and surrounding code. There's a wonderful interactivity where the decompiler does all the boring book-keeping for you, and you keep feeding it info and it tells you stuff in return. I would estimate it speeds up reverse-engineering by 10x. Hex-Rays charges four-figure sums for single licenses, and it's because the product is utterly worth it if you do this kind of thing for a living (or at least was before Ghidra came along). Stuff like Hopper is basically just assembler code in a different syntax Hex-Rays and Ghidra are real, working, useful decompilers. I've also used Ghidra (9.1) for maybe 50 hours or so.įirst, let me say: Both are leaps and bounds above _anything_ else out there. My information is a few years out of date, but I think most of it is still current. I've used Hex-Rays (IDA Pro's decompiler) not full-time, but 100+ hours, including professionally.
0 Comments
Leave a Reply. |