Talk

Ghidriff: Ghidra Binary Diffing Engine

conf 2023-11-02 14:15 – 15:00 La Marive EN


This talk presents `ghidriff`, a new open-source Python package that provides command-line binary diffing built on Ghidra, with a fresh take on the standard patch-diffing workflow.

As vulnerability writeups regularly show, binary diffing tools are essential for reverse engineering, vulnerability research, and malware analysis: they identify the functions that were added, deleted, and modified between two builds of a binary. Matching functions across binaries is a hard and asymmetric problem. Functions relate to each other in complex ways, and a single source-level change can ripple through the compiled output (shifted addresses and auto-generated names, inlining, changed register allocation), so the same function rarely looks identical on both sides. `ghidriff` addresses this with a pipeline of current function matching heuristics, and lets the user extend it with custom function correlation classes. Like other binary diffing solutions, the tool stands on the shoulders of giants (SRE tooling) to interpret a binary and provide a consistent and reliable approach to binary diffing. Unlike other tools, `ghidriff` offers a command-line experience that collapses the entire patch-diffing workflow into a single step, significantly reducing analysis time. The results of the diff are rendered as readable markdown files that can be shared and hosted almost anywhere.
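The tiered matching described above, as an added Python illustration that is not ghidriff's own code: the `Func` feature record, the correlator interface (a callable that receives the still-unmatched old and new functions and returns matched pairs), the scoring weights and threshold, and the sample pre/post-patch functions are all assumptions constructed for this example. ghidriff's real correlators run against Ghidra program data and its API is not reproduced here; the point is to show why matching is asymmetric and how a pipeline of correlators recovers added, deleted, and modified functions.

```python
"""Tiered function matching in the style of a patch-diffing workflow.

Added illustration, not ghidriff's code: the data model, the correlator
interface and the thresholds are assumptions chosen for this example.
"""
from dataclasses import dataclass
import hashlib


@dataclass(frozen=True)
class Func:
    """Per-function features an SRE tool such as Ghidra would export."""
    name: str            # symbol name; 'FUN_<addr>' marks an auto-generated name
    code: bytes          # function bytes (constructed for this example)
    callees: frozenset   # names of called functions
    n_blocks: int        # basic-block count


def is_auto_name(name: str) -> bool:
    # Auto-generated names shift with addresses, so they are useless for matching.
    return name.startswith("FUN_")


def by_exact_bytes(old, new):
    """Correlator 1: identical code bytes -> same function, unchanged."""
    new_by_hash = {hashlib.sha256(f.code).digest(): f for f in new}
    pairs = []
    for f in old:
        m = new_by_hash.pop(hashlib.sha256(f.code).digest(), None)  # pop keeps it 1:1
        if m is not None:
            pairs.append((f, m))
    return pairs


def by_symbol_name(old, new):
    """Correlator 2: real (non auto-generated) symbol names match 1:1."""
    new_by_name = {f.name: f for f in new if not is_auto_name(f.name)}
    pairs = []
    for f in old:
        if is_auto_name(f.name):
            continue
        m = new_by_name.pop(f.name, None)
        if m is not None:
            pairs.append((f, m))
    return pairs


def structural_score(a: Func, b: Func) -> float:
    """Jaccard similarity of callee sets, blended with basic-block count closeness."""
    union = a.callees | b.callees
    jaccard = len(a.callees & b.callees) / len(union) if union else 1.0
    block_ratio = min(a.n_blocks, b.n_blocks) / max(a.n_blocks, b.n_blocks)
    return 0.7 * jaccard + 0.3 * block_ratio   # weights are an assumption


def by_structure(old, new, threshold=0.7):
    """Correlator 3: greedy best-score matching of whatever is still unmatched."""
    candidates = sorted(((structural_score(o, n), o, n) for o in old for n in new),
                        key=lambda t: t[0], reverse=True)
    used_old, used_new, pairs = set(), set(), []
    for score, o, n in candidates:
        if score < threshold:
            break                      # everything below this is not a credible match
        if o in used_old or n in used_new:
            continue
        used_old.add(o)
        used_new.add(n)
        pairs.append((o, n))
    return pairs


DEFAULT_CORRELATORS = [by_exact_bytes, by_symbol_name, by_structure]


def diff_functions(old, new, correlators=DEFAULT_CORRELATORS):
    """Run correlators in order; each only sees what earlier ones left unmatched.

    Appending your own callable to the list is the extension point this
    example offers; it mirrors the idea of custom correlators, not ghidriff's API.
    """
    unmatched_old, unmatched_new, matched = list(old), list(new), []
    for correlate in correlators:
        for o, n in correlate(unmatched_old, unmatched_new):
            matched.append((o, n, correlate.__name__))
            unmatched_old.remove(o)
            unmatched_new.remove(n)
    return {
        "unchanged": [(o, n, how) for o, n, how in matched if o.code == n.code],
        "modified": [(o, n, how) for o, n, how in matched if o.code != n.code],
        "deleted": unmatched_old,      # only in the old binary
        "added": unmatched_new,        # only in the new binary
    }


def render_markdown(result) -> str:
    """Render the diff as a markdown table, the shareable output form."""
    lines = ["# Diff summary", "", "| old | new | result | matched by |", "|---|---|---|---|"]
    for key in ("unchanged", "modified"):
        lines += [f"| {o.name} | {n.name} | {key} | {how} |" for o, n, how in result[key]]
    lines += [f"| {f.name} | - | deleted | - |" for f in result["deleted"]]
    lines += [f"| - | {f.name} | added | - |" for f in result["added"]]
    return "\n".join(lines)


# Constructed sample: a pre- and post-patch binary reduced to per-function features.
OLD = [
    Func("parse_header", b"\x55\x48\x89\xe5\x48\x83\xec\x20", frozenset({"memcpy"}), 3),
    Func("check_len", b"\x55\x48\x89\xe5\x39\xc6\x7e\x05", frozenset(), 2),
    Func("FUN_00401000", b"\x55\x48\x89\xe5\xe8\x10\x00\x00", frozenset({"parse_header", "check_len"}), 6),
    Func("log_msg", b"\x55\x48\x89\xe5\xe8\x20\x00\x00", frozenset({"printf"}), 1),
]
NEW = [
    Func("parse_header", b"\x55\x48\x89\xe5\x48\x83\xec\x20", frozenset({"memcpy"}), 3),  # untouched
    Func("check_len", b"\x55\x48\x89\xe5\x39\xc6\x76\x05", frozenset(), 2),               # one opcode changed
    Func("FUN_00401200", b"\x55\x48\x89\xe5\xe8\x30\x00\x00",                            # address shifted,
         frozenset({"parse_header", "check_len", "validate_input"}), 7),                  # one extra call
    Func("validate_input", b"\x55\x48\x89\xe5\x48\x85\xff\x74", frozenset({"check_len"}), 4),  # new helper
]

if __name__ == "__main__":
    print(render_markdown(diff_functions(OLD, NEW)))
```

Running the default pipeline pairs `parse_header` by bytes, `check_len` by name, and the renamed `FUN_00401000`/`FUN_00401200` by structure, leaving `log_msg` as deleted and `validate_input` as added. Passing only `[by_exact_bytes]` shows the asymmetry: every function the patch touched, or that merely moved, falls out as a delete/add pair instead of a modification, which is exactly the noise a good correlator chain has to remove.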

`ghidriff` is an open-source tool for security researchers who need to quickly understand the latest patched vulnerabilities and share their next vulnerability writeup with the security community.