OGhidra uses GhidraMCP and Ollama to enable AI-driven binary analysis using natural language to help accelerate software assurance workflows, such as vulnerability discovery and malware analysis.
Some of the main technical details that I find interesting are:
* Agentic loop that uses a "Plan-Execute-Analyze-Review" workflow to navigate binaries
* RAG for context awareness by creating a semantic map of binaries, so relevant cross-references and function definitions can be pulled into the LLM's context window as needed
* Local Ollama LLMs for privacy/security; no data is sent to external APIs
I'm not the author, but we've talked so I may be able to answer some questions about the tool (or ask the author about complex questions).