vtgrepghidra - VT-GHIDRA Plugin

This is an unofficial VirusTotal plugin for GHIDRA. It integrates functionality from VirusTotal web services into GHIDRA's user interface. The current version is v0.1. This plugin is not production-ready yet: unexpected behavior can still occur, and it is released without any warranty. This release integrates VTGrep into GHIDRA, facilitating searches for similar code, strings, or sequences of bytes.

Requirements

Windows

No requirements.

Linux

Run apt-get install osslsigncode, or compile it from source code (https://github.com/mtrojnar/osslsigncode) if you are experiencing any problems.

MacOS

Run brew install osslsigncode. Also on MacOS, for some reason we didn't want to get into, you'll need to execute the following in order for it to work:

echo /usr/local/etc/openssl* | xargs -n1 -I{} mkdir -p {}/certs
echo /usr/local/etc/openssl* | xargs -n1 -I{} ln -s {}/cert.pem {}/certs/ca-bundle.crt

Installation

Place the script files in any of the Script Directories (Window->Script Manager, or via the Script Manager shortcut) and then click Refresh script list.

Features

Examples

General usage:

[Image: General Usage]

Searching by the same certificate:

[Image: Same Certificate]

Credits