[laburn]

I regularly look at ARM software and firmware. There are certain things that IDA does better, like FLIRT analysis, which I’ve missed since switching to Ghidra.

Ghidra also currently lacks support for certain ARM instruction decodings so you can get odd looking disassembly. That isn’t to say you can’t add it.

Ghidra has been very nice for reversing C++ code. After filling in most of the members for an object field it makes reversing other subroutines that use the defined type simpler, IMO.

[kbumsik]

Thx for your opinion. What about automatic ARM-Thumb swap on jump instructions? I tried Radare 2 before and it was so hard to work with ARM firmware. If Ghidra supports a proper ARM-Thumb switch, it sounds like a greate alternative to IDA for me.

[laburn]

I don’t normally see ARM with thumb code so I couldn’t tell you. I am fairly certain it is supported but to what degree I am uncertain.

[archontes]

Mind if I ask how to get started reverse engineering software?

[thecatspaw]

In my experience, find something you want to find out about a software, and then do that. For example I wanted to write an autosplitter (used for speedrunning) for the witcher 3. So I first had to figure out a plan. I found out that witcher3 is heavily based on facts, and fact-changes. If you progress a quest, thats an entry to the fact-database. I went looking for the method which adds facts to the db, and after a while I found it. Then I hooked it (redirected it to a custom function, which calls the original after my custom code executed), and wrote the rest of the autosplitter.

[0x4a42]

It's open-source, you shouldn't need to decompile it. :)