nccgroup
Function Identification
I'd like to be able to quickly identify "interesting" functions in a memory dump (e.g. hab_authenticate_image() ).
A lot can be achieved just through identification of unique strings in upstream code and identifying references to them.
At this time, I'm still debating whether this should actually be baked into the Depthcharge Python module. I am leaning towards "No" as it would require that I pull in something like Captone bindings as a dependency, and then proceeding to re-invent the wheel.
Instead, I think I'd instead prefer to invest this effort into IDA and Ghidra scripts, and potentially something using Ghidra's Headless Analyzer. Given that this project is intended to be a "toolkit" -- I think that this could be a perfectly reasonable approach.
