Back
NCC Group Publication Archive
Public tools

May 4, 2018

1 min read

Python Class Informer: an IDAPython plugin for viewing run-time type information (RTTI)

RTTI can be an extremely helpful way to gain insight about a C++ binary during reverse engineering, and Python Class Informer’s visualization of the class hierarchies can strengthen these insights even further. We hope reverse engineers’ lives will become a little easier using the visualizations produced by this plugin. Currently, there are several known issues with the parsing of RTTI data that we’re planning on fixing, as well as some features we’d like to add, so stay tuned for future updates.

The plugin can be obtained from GitHub at the following URL: https://github.com/nccgroup/PythonClassInformer

Read how to use this plugin in more detail on our blog: https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/python-class-informer-an-idapython-plugin-for-viewing-run-time-type-information-rtti/

Published by NCC Group Publication Archive

Here are some related articles you may find interesting

Public Report – Confidential Mode for Hyperdisk – DEK Protection Analysis

During the spring of 2024, Google engaged NCC Group to conduct a design review of Confidential Mode for Hyperdisk (CHD) architecture in order to analyze how the Data Encryption Key (DEK) that encrypts data-at-rest is protected. The project was 10 person days and the goal is to validate that the…

Public Reports

April 12, 2024

1 min read

Non-Deterministic Nature of Prompt Injection 

As we explained in a previous blogpost, exploiting a prompt injection attack is conceptually easy to understand: There are previous instructions in the prompt, and we include additional instructions within the user input, which is merged together with the legitimate instructions in a way that the underlying model cannot distinguish…

Machine Learning
Offensive Security & Artificial Intelligence

April 12, 2024

3 mins read

Technical Advisory – Ollama DNS Rebinding Attack (CVE-2024-28224)

Ollama is an open-source system for running and managing large language models (LLMs). NCC Group identified a DNS rebinding vulnerability in Ollama that permits attackers to access its API without authorization, and perform various malicious activities, such as exfiltrating sensitive file data from vulnerable systems.

Research
Technical advisories
Vulnerability

April 8, 2024

7 mins read

Previous post Next post

View articles by category

Most popular posts

Most recent posts

Call us before you need us.

Our experts will help you.

Get in touch