mandiant / capa

The FLARE team's open-source tool to identify capabilities in executable files.
https://mandiant.github.io/capa/
Apache License 2.0

binary ninja plugin #169

Open psifertex opened 4 years ago

psifertex commented 4 years ago

Summary

There's already an IDA plugin (and #49 tracking a Ghidra plugin), would be nice to have a BN plugin.

Motivation

Because many people use BN and capa has some nice features that would be great to expose to BN users.

psifertex commented 4 years ago

I'm working on this right now (starting with just the import script to test) and I came across: https://github.com/fireeye/capa/blob/master/scripts/import-to-ida.py

Can you clarify how the "All Rights Reserved" on that interacts with the Apache license on the whole repo? I assume it's an artifact from before the apache license was added?

I'd like to create a derivative of that script but obviously I can't do that if it's under full copyright and not Apache. :-)

williballenthin commented 4 years ago

The capa tool and its supporting resources are released under the Apache 2.0 license. The FireEye legal team had asked us to include the header on each source file, though to be completely honest, I don't know the ins-and-outs. I will ask around and see if they can clarify what they expect this header to convey. For the past many months, there has been agreement to release the tool under Apache 2.0 so I do not expect to encounter any surprises during this discussion.

Thanks for double checking on this. We want the tool to be used in many ways, and will do our best to make this easy for you. I'm excited for the Binary Ninja importer and any other integrations!

psifertex commented 4 years ago

Thanks! If you don't mind a suggestion, maybe:

Copyright (C) 2020 FireEye, Inc. Released under an Apache License Version 2.0.

is worth running by the legal team. If they've already agreed to the license I can't imagine they'd mind, as you point out.

Normally having the repo license be Apache 2.0 is enough to be sure, but it's not uncommon for some repositories to be generally released under a specific license but to have some files inside of it released under a different license and my understanding of "All Rights Reserved" is that it's explicitly full copyright that does not allow any other adaptations like those encouraged by open source licenses.

williballenthin commented 4 years ago

Let's move the licensing discussion to #173. Please keep updating us on the Binary Ninja integration here!

agnosticlines commented 1 year ago

Hey, is this still planned/in development? :-) Sorry to bump such an old issue

psifertex commented 1 year ago

No worries! There has actually been some activity behind the scenes not represented here. There is still interest and in fact Capa now uses Binary Ninja as one of its backends for automation. No immediate timeline, but there is also interest from several parties in potentially putting together a UI-based plugin too.

Compr0mzd commented 1 year ago

Hey, are there updates regarding the plugin?

williballenthin commented 1 year ago

@xusheng6 and the Vector35 crew have implemented a Binary Ninja backend for capa. We haven't had a chance to implement a UI plugin yet, unfortunately. I won't hazard a guess as to an ETA since I'm usually too optimistic.

Of course, we'd be happy to guide or mentor a contributor to port the IDA plugin to Binary Ninja. Both rely on Qt so I hope that the architecture will translate easily.

xusheng6 commented 1 year ago

I remember the IDA plugin comes with a rule editor. It would be easier to first implement a BN plugin that browses the capa result. After that, if people really need the rule editing feature, we can get started on porting that part as well.