Ghidra Plugin

Run and inspect Havoc debug sessions directly in Ghidra, including time-travel stepping, register/stack/memory inspection, breakpoints/watchpoints, and MMIO stream visibility.

Install Quick Start Build

What This Plugin Provides

• Toolbar actions for Start/Stop, Rewind, Continue, Step Block, Reverse Step Block, Step Instruction, Reverse Step Instruction.
• Session controls for server URL, API key, run ID, and testcase.
• Always-visible Registers and Stack panels.
• Tabbed data panels: Breakpoints, Watchpoints, Memory, and MMIO.
• PC navigation + highlight in listing (yellow), and listing-context breakpoint toggle (Havoc > Toggle Breakpoint).
• Persisted preferences for server URL, API key, last run, and last testcase.

Install From Release

1. Download the latest .zip from Ghidra plugin releases.
2. In Ghidra Project Window: File > Install Extensions and select the zip.
3. Enable HavocDebugger in the extension list.
4. Restart Ghidra.
5. In CodeBrowser: File > Configure > Miscellaneous, enable HavocPlugin.
6. Open panel via Window > Havoc Debugger if it does not appear automatically.

Quick Start

Connect + Start SessionStep + InspectBreakpoints + Watchpoints

1. Enter server URL (default: http://localhost:8080).
2. Enter API key when needed.
3. Click Connect.
4. Fill Run ID and Testcase.
5. Click Load or toolbar Start.

1. Use toolbar controls to step or continue execution.
2. Check Registers and Stack for CPU state.
3. Use Memory tab for hex + ASCII memory reads/writes.
4. Use MMIO tab for stream/cursor inspection.

1. Add/remove breakpoints from panel or listing context menu.
2. Add/remove watchpoints (read or write) in Watchpoints tab.
3. Refresh lists from server state as needed.

Capabilities and Behavior

Memory + register edits

Editing register values or memory bytes writes through the debug API immediately.

Session lost detection

If the server restarts and session disappears, plugin prompts to reconnect and restart session.

Symbol resolution

Addresses in stack/MMIO/breakpoint tables attempt symbol resolution via Ghidra symbols and containing data.

Build From Source

Recommended (Docker)Manual Gradle BuildLint / Style

Requirements: - Docker installed

./build.sh

Notes: - Script downloads Ghidra 12.0.1 (build date 20260114) into cache if needed. - Output zip is written to dist/.

Requirements: - Java 21 (JDK) - Gradle 8.x - Local Ghidra 12.x install

gradle -PGHIDRA_INSTALL_DIR=/path/to/ghidra_12.0.1_PUBLIC buildExtension

./lint.sh

• Uses checkstyle with checkstyle.xml rules.

API Commands Used

Key debug commands used through <server>/api/.../debug-session/.../command:

• control: step_block, reverse_step_block, step_instruction, reverse_step_instruction, continue, rewind
• state/data: state, list_regs, read_mem, write_mem, write_reg
• break/watch: add_breakpoint, remove_breakpoint, list_breakpoints, add_watchpoint, remove_watchpoint, list_watchpoints
• input/MMIO: get_input

Troubleshooting

Connect succeeds but stepping buttons are disabled

Start a debug session first (Run ID + Testcase, then Load or Start).

Cannot change server URL while debugging

Stop the active session before changing URL.

No symbols shown in stack/MMIO/breakpoint rows

Symbol labels depend on your currently active program analysis/symbol table.

Version and License

• Extension metadata version: 12.0.1 (extension.properties)
• License: Apache 2.0