clearbluejar

https://clearbluejar.github.io/clearbluejarblog, code, and research 2026-02-09T05:26:03+00:00 clearbluejar https://clearbluejar.github.io/ Jekyll © 2026 clearbluejar /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png How LLMs Feed Your RE Habit: Following the Use-After-Free Trail in CLFS2026-02-03T06:15:00+00:00 2026-02-04T10:13:55+00:00 https://clearbluejar.github.io/posts/how-llms-feed-your-re-habit-following-the-uaf-trail-in-clfs/ clearbluejar

Dive into how LLMs and pyghidra-mcp accelerate reverse engineering by tracing a UAF vulnerability in CLFS through a patch diff.

pyghidra-mcp: Headless Ghidra MCP Server for Project-Wide, Multi-Binary Analysis2025-08-19T15:56:00+00:00 2026-01-20T21:31:44+00:00 https://clearbluejar.github.io/posts/pyghidra-mcp-headless-ghidra-mcp-server-for-project-wide-multi-binary-analysis/ clearbluejar

Unlock project-wide, multi-binary analysis with pyghidra-mcp, a headless Ghidra MCP server for automated, LLM-assisted reverse engineering.

Supercharging Ghidra Using Local LLMs with GhidraMCP via Ollama and OpenWeb-UI2025-04-30T00:00:00+00:00 2026-02-03T00:36:25+00:00 https://clearbluejar.github.io/posts/supercharging-ghidra-using-local-llms/ clearbluejar

Reverse engineering binaries often resembles digital archaeology: excavating layers of compiled code, interpreting obscured logic, and painstakingly naming countless functions and variables.

Everyday Ghidra: Symbols — Automatic Symbol Acquisition with Ghidra — Part 22024-05-28T00:00:00+00:00 2024-12-21T14:09:58+00:00 https://clearbluejar.github.io/posts/everyday-ghidra-symbols-automatic-symbol-acquisition-with-ghidra-part-2/ clearbluejar

This post, another lesson from the “Everyday Ghidra” series, walks through the process of configuring Ghidra to automatically download symbols from well known public symbol servers

Everyday Ghidra: Symbols — Prescription Lenses for Reverse Engineers — Part 12024-05-07T00:00:00+00:00 2024-12-26T14:26:51+00:00 https://clearbluejar.github.io/posts/everyday-ghidra-symbols-prescription-lenses-for-reverse-engineers-part-1/ clearbluejar

In reverse engineering a closed-source binary using Ghidra or other software reverse engineering frameworks, a key objective is to retrieve information that clarifies the disassembled code. This involves identifying function names, prototypes, data types, constants, and enums. These elements, symbolized as human-readable identifiers, simplify both programming and reverse engineering by providing a more intuitive representation of the program’s state, akin to using a high level language versus assembly code. Leveraging these symbols within Ghidra can significantly aid in understanding the program’s behavior.