BSim is a Ghidra plugin for finding structurally similar functions in (potentially large) collections of binaries. It is based on Ghidra's decompiler and can find matches across compilers, architectures, and/or small changes to source code.
This tutorial demonstrates how create a small BSim database and walks through some typical use cases.
Detailed information about BSim can be found in the "BSim" entry of the Ghidra Help.
- Introduction to BSim
- Starting Ghidra and Enabling BSim
- Creating and Populating a BSim Database from the GUI
- Basic BSim Queries
- Ghidra from the Command Line
- BSim from the Command Line
- Evaluating Matches
- From Matching Functions to Matching Executables
- Overview Queries
- BSim Filters
- Scripting and Visualization
Next Section: Introduction to BSim