updated Readme with PyGhidra changes

2026-01-08 21:07:58 -05:00 · 2025-10-08 11:58:56 -04:00
parent 8fbf5c8cf7
commit 04181bce35
5 changed files with 23 additions and 52 deletions
--- a/README.md
+++ b/README.md
@@ -13,33 +13,26 @@ Follow normal Ghidra extension installation procedures.  Copy the CodeCut and De
 **NOTE:** After restarting and loading a CodeBrowser window, Ghidra will tell you it has found new plugins and ask if you want to configure them.  Only CodeCut shows up in this window.  This is because DeepCut is a "one-shot" analyzer (it is still installed).

 ## Configuring Native Python Paths & Python Dependencies
-Both CodeCut and DeepCut rely on native Python (outside of Ghidra) on your system.  CodeCut uses native Python for guessing module names.  DeepCut's model evaluation runs in native Python.  
+Both CodeCut and DeepCut rely on the native PyGhidra extension, and are not compatible with Jython. CodeCut uses native Python for guessing module names.  DeepCut's model inference runs in native Python.  

 ### Native Python Dependencies
+
 CodeCut: 
 - nltk

 DeepCut: 
 - torch
 - torch-geometric
+- networkx
+- scipy

-To install dependencies run:
-
-```
-pip3 install nltk
-pip3 install torch torch-geometric
+To install dependencies, run:
+```bash
+pip install nltk
+pip install torch torch-geometric networkx scipy
 ```
+using the Python installation linked to your PyGhidra.

-(assuming that pip3 points to the version of Python you plan to use below)
-
-### Configuring CodeCut Python Path
-![](img/codecut-config.png)
-Configure the native Python path for CodeCut by choosing **Edit -> Tool Options** and selecting "Python Executable."
-
-### Configuring DeepCut Python Path
-![](img/deepcut-config.png)
-
-Configure the native Python path for DeepCut by choosing **Analysis -> Analyze All Open...** and selecting **Deepcut (Prototype)**.  After changing the path, click the **Apply** button.

 ## Running DeepCut Analysis
 DeepCut is best run as a one-shot analyzer *after* initial auto-analysis.  Select **Analysis -> One Shot -> Deepcut**.  After DeepCut runs, you can view the results by looking at the **Namespace** field in the **Symbol Table** view.
--- a/codecut-gui/README.md
+++ b/codecut-gui/README.md
@@ -3,7 +3,7 @@

 ## Building and Installation

-Requirements are the same as the Ghidra build requirements, currently JDK 17 (or newer) is required for Ghidra 10.2.
+Requirements are the same as the Ghidra build requirements, currently JDK 21 (or newer) is required for Ghidra 11.

 Ghidra's standard Gradle build system is used. Set the `GHIDRA_INSTALL_DIR` environment variable before building, or set it as a Gradle property (useful for building in an IDE).

@@ -20,13 +20,12 @@ gradle
 echo GHIDRA_INSTALL_DIR="/path/to/ghidra" > gradle.properties 
 ```

-### Python 3 
+### PyGhidra and Dependencies

-The CodeCut GUI's Module Name Guessing tool requires Python 3. Before running the tool, you may need to modify the Python Path of the tool. To do this, **Edit -> Tool Options -> Python Executable**. Insert path to your Python 3 executable. Click apply and ok.
+CodeCut GUI requires the PyGhidra extension, and is not compatible with Jython.

-### Install nltk
-This module depends on the Python 3 dependency `nltk`. Run the following command to install:
-```
+The CodeCut GUI's Module Name Guessing tool requires the Python dependency [Natural Language ToolKit](https://www.nltk.org/). CodeCut attempts to automatically install the dependency when the tool is launched, but it can also be installed using the Python associated with PyGhidra by running:
+```bash
 pip install nltk
 ```

--- a/deepcut-ghidra/README.md
+++ b/deepcut-ghidra/README.md
@@ -30,39 +30,18 @@ used by your Ghidra installation. If you have multiple Java runtime
 environments installed, select the correct JRE by setting the
 `JAVA_HOME` environment variable before building.

-### Native Python 3 
-The Deepcut graph based machine learning model needs Python 3 to
-execute (outside of Ghidra). The analyzer calls an external Python 
-process to execute the model on a graph representation of the binary. 
-There are no GPU requirements since the model converge quickly even 
-running in CPU mode.
-
-#### Python 3 Path
-By default the analyzer use the command `/usr/local/bin/python3` to
-execute the deepcut python script. This setting can be changed in the
-Analysis Options menu **Analysis -> Analyze All Open...** To change the
-setting you need to click the checkbox next to **Deepcut (Prototype)**
-first.
-
-#### Dependencies
-Deepcut has the following Python 3 dependencies:
-
-  - torch 1.7.1
-  - torch-geometric 1.6.3
-  - torch-cluster 1.5.8
-  - torch-sparse 0.6.8
-  - torch-scatter 2.0.5
-  - torch-spline-conv 1.2.0
-
-To install the dependencies:
+#### ### PyGhidra and Dependencies

+DeepCut requires the PyGhidra extension, and is not compatible with Jython. It uses [PyTorch Geometric](https://pytorch-geometric.readthedocs.io/) to perform machine learning on the function call graph. It has the following Python 3 dependencies:
+  - torch
+  - torch-geometric
+  - networkx
+  - scipy
+DeepCut attempts to automatically install the dependencies when the tool is launched, but they can also be installed using the Python associated with PyGhidra by running:
 ```bash
-pip install torch==1.7.1+cpu -f https://download.pytorch.org/whl/torch_stable.html
-pip install -r requirements-torch_geometric.txt
+pip install torch torch-geometric networkx scipy
 ```
-
-The torch-cluster dependency can take a significant amount of time to
-build and install.
+The torch-geometric dependency can take a significant amount of time to build and install.

 ## Running the Analyzer
 The Deepcut analyzer will not run during auto-analysis. Once the binary
--- a/img/codecut-config.png
+++ b/img/codecut-config.png
--- a/img/deepcut-config.png
+++ b/img/deepcut-config.png