clearbluejar

https://clearbluejar.github.io/clearbluejarblog, code, and research 2026-06-04T17:47:21+00:00 clearbluejar https://clearbluejar.github.io/ Jekyll © 2026 clearbluejar /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png System Over Model, Tested: Reproducing Mythos's FreeBSD Find on Local Open-Weight Models2026-06-04T07:00:00+00:00 2026-06-04T07:00:00+00:00 https://clearbluejar.github.io/posts/system-over-model-tested-mythos-freebsd-local-openweight/ clearbluejar

Mythos found a 17-year-old FreeBSD RCE; AISLE reproduced it with gpt-5.4-nano via their nano-analyzer pipeline. I ran the pipeline on two local open-weight models, gpt-oss-20b and gemma-4-31b-it. The misses recovered on re-run. The real problem was the false-positive rate, and one extra system stage cut it from 30 to 5 with the CVE still standing.

pyghidra-mcp Meets Ghidra GUI: Drive Project-Wide RE with Local AI2026-05-05T07:00:00+00:00 2026-05-10T07:53:47+00:00 https://clearbluejar.github.io/posts/pyghidra-mcp-meets-ghidra-gui-drive-project-wide-re-with-local-ai/ clearbluejar

pyghidra-mcp v0.2.0 ships a GUI-backed mode that lets a local LLM drive a live Ghidra CodeBrowser at full project scope. Renames, plate comments, and cross-binary pivots land in real time, with every edit tagged in Ghidra's undo history while the session is alive.

How LLMs Feed Your RE Habit: Following the Use-After-Free Trail in CLFS2026-02-03T06:15:00+00:00 2026-02-04T10:13:55+00:00 https://clearbluejar.github.io/posts/how-llms-feed-your-re-habit-following-the-uaf-trail-in-clfs/ clearbluejar

Dive into how LLMs and pyghidra-mcp accelerate reverse engineering by tracing a UAF vulnerability in CLFS through a patch diff.

pyghidra-mcp: Headless Ghidra MCP Server for Project-Wide, Multi-Binary Analysis2025-08-19T15:56:00+00:00 2026-01-20T21:31:44+00:00 https://clearbluejar.github.io/posts/pyghidra-mcp-headless-ghidra-mcp-server-for-project-wide-multi-binary-analysis/ clearbluejar

Unlock project-wide, multi-binary analysis with pyghidra-mcp, a headless Ghidra MCP server for automated, LLM-assisted reverse engineering.

Supercharging Ghidra Using Local LLMs with GhidraMCP via Ollama and OpenWeb-UI2025-04-30T00:00:00+00:00 2026-05-05T06:27:56+00:00 https://clearbluejar.github.io/posts/supercharging-ghidra-using-local-llms/ clearbluejar

Reverse engineering binaries often resembles digital archaeology: excavating layers of compiled code, interpreting obscured logic, and painstakingly naming countless functions and variables.