PS C:\sre> ghidra
ghidra > File > Open > programName
ghidra > Program Tree
Filter: {functionName}
- clicking on the any function will bring the focus on the "listing workspace" for the specified function
- this doesn't have to be the "main" function
* any function can be used to trace the main function
ghidra > listing workspace > right-click the function name > References > Show Call Trees
* expand the calls...
ghidra > Function Call Trees
* click each calls and look for the "int __cdecl _func__cdecl_int(int _Argc, char **Argv, char **...
in the decompile workspace
- the most important identifier is the...
(int _Argc, char **Argv, char **...
