✨ Big changes!
Binary diffing and Version Tracker support import and diff large and small files!
ReVa now supports long-running diff sessions. These can be as large as a kernel or a number of malware samples.
The diff tool is designed to lead the model to identify differences in code, structure, constants, etc. Very useful for symbolicating samples from older analysis and isolating important changes in samples.
Asynchronous analysis
Support for background jobs and MCP notifications. Long-running analysis jobs are now supported. Better save and version control is included. ReVa will not throw away analysis if it takes too long.
PyGhidra scripting support
ReVa can see user scripts, write new scripts and run Python. ReVa will use your PyGhidra virtual environment.
NOTE: ReVa listens on a socket on localhost by default. Please consider enabling API Key support or disabling script support on a shared host or if you expose ReVa to the network!
Tool toggles
If you do not use a feature, it can now be disabled in the Ghidra project settings. Disabling unused features reduces context use. This is useful for local models with smaller context.
Security hardening
When mcp-reva starts Ghidra it now generates a random API key and a random port. Multiple copies of mcp-reva can work on different projects at the same time.
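A minimal sketch of the launch pattern described above (a fresh random API key plus a kernel-assigned port on loopback), added here as an illustration and not taken from ReVa or mcp-reva. The `X-API-Key` header name and the helper names `start_server` and `probe` are assumptions.

```python
import hmac
import http.client
import secrets
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

API_KEY_HEADER = "X-API-Key"  # assumed header name, not taken from ReVa


def make_handler(api_key):
    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            supplied = self.headers.get(API_KEY_HEADER, "")
            # Constant-time compare so response timing does not leak key bytes.
            ok = hmac.compare_digest(supplied.encode(), api_key.encode())
            self.send_response(200 if ok else 401)
            self.send_header("Content-Length", "0")
            self.end_headers()

        def log_message(self, *args):  # silence per-request logging
            pass

    return Handler


def start_server():
    """Start a loopback-only server with a fresh key on a free port."""
    api_key = secrets.token_urlsafe(32)  # 32 random bytes from the OS CSPRNG
    # Port 0 lets the kernel pick a free port, so several instances can
    # coexist; binding 127.0.0.1 keeps the listener off the network.
    server = ThreadingHTTPServer(("127.0.0.1", 0), make_handler(api_key))
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, api_key


def probe(port, key=None):
    """Return the HTTP status for a request sent with the given key."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    headers = {API_KEY_HEADER: key} if key is not None else {}
    conn.request("GET", "/", headers=headers)
    status = conn.getresponse().status
    conn.close()
    return status


if __name__ == "__main__":
    server, key = start_server()
    port = server.server_address[1]
    print(port, probe(port, key), probe(port), probe(port, "guess"))
    server.shutdown()
```

Binding to loopback does not keep other local users on a shared host away from the port, which is why the key check matters even without network exposure.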
Follow Me mode
A new button is on the Code Browser toolbar; enabling it will follow ReVa in real time. Very fun with multiple agents collaborating on a sample! Very nice for demos!
Ghidra 12.1 support
Added support for Ghidra 12.1.
🦾 Refactors and testing
- Added many, many new tests covering more of ReVa
- Combined read-only tests to speed up test times!
- Moved more older tools to the SchemaBuilder and ToolResultBuilder
⚒️ Fixes
- Worked around upstream MCP issue with incorrect session deletion. ReVa will disconnect less.
- Fixed decompiler line number mismatches and issues mapping disassembly to decompilation
- vtable tool refactored to use pcode. Now architecture independent.
- Decompilation now includes unreachable code by default. If "Eliminate unreachable code" was enabled in the Ghidra Decompiler settings, ReVa could make bad assumptions. This has significantly improved performance on obfuscated samples.
Full Changelog: v7.2.1...v7.3.0