Software Engineering Institute

Object-oriented programs pose many challenges for reverse engineers and malware analysts. C++ classes are complex and hard to analyze at the machine code level. We’ve long sought to simplify the process of reverse engineering object-oriented code by creating tools such as OOAnalyzer, which automatically recovers C++-style classes from executables. OOAnalyzer can export its results to other reverse engineering frameworks, and we’ve enhanced our Pharos Binary Analysis Framework to import OOAnalyzer analysis into the recently released Ghidra, software reverse engineering (SRE) tool suite. Ghidra provides the analyst many useful reverse engineering services, including disassembly, function partitioning, decompilation, and various other types of program analyses.