[baq]

given what the clankers can do unassisted and what more they can do when you give them ghidra, no software is 'closed source' anymore

[embedding-shape]

Guess that kind of depends on your definition of "source", I personally wouldn't really agree with you here.

[baq]

absolutely agree with you if we're talking about clean room reverse engineering; but in the context of finding vulnerabilities it's a completely different story

[raddan]

I mean-- to an LLM is there really any difference between the actual source and disassembled source? Informative names and comments probably help them too, but it's not clear that they're necessary.

[criddell]

Which models have you had good luck with when working with ghidra?

I analyze crash dumps for a Windows application. I haven't had much luck using Claude, OpenAI, or Google models when working with WinDbg. None of the models are very good at assembly and don't seem to be able to remember the details of different calling conventions or even how some of the registers are typically used. They are all pretty good at helping me navigate WinDbg though.