Skip to content

Recording Analysis Results

Sidekick offers several features to record, review, and manage results from both Sidekick's analysis and your own:

Indexes

Indexes provide a way to collect and organize locations of items in a binary, such as functions, instructions, variables, and other Binary Ninja objects. They are useful for grouping related items together and can be used to record analysis results.

Structure Each index is a collection of entries represented as a table in the Indexes sidebar. Each row in the table is an entry that corresponds to an item in the binary. The columns in the table include the address of the entry, the entry itself, and any additional metadata about the entry. The structure of indexes is flexible, allowing you to create an index containing arbitrary entries from potentially multiple sources with custom metadata.

Creating Indexes

When opening a new binary, the Indexes sidebar is empty. There are several ways to create a new index:

Creating Indexes from the Indexes Sidebar

From within the Indexes sidebar, you can create a new index through any of the following actions:

  • Click on the + icon at the top of the sidebar
  • If there are no indexes in the Indexes sidebar, right-click in the empty space of the sidebar and select Create New Index
  • If there are no indexes in the Indexes sidebar, right-click in the empty space of the sidebar and select Add Query. This will create an empty index and open the Add Entries dialog where you can enter a Binary Ninja Query Language (BNQL) query to find entries to add to the index. After entering the query, click OK to run the query and add its results to the created index.

Creating Indexes from the Chat Sidebar

When using the Chat Assistant, you can create a new index from the Chat sidebar by requesting the Chat Assistant to create an index. The Chat Assistant will use the update_index tool to create a new index and add entries to it based on the results of a BNQL query. You can specify metadata for the entries in your request, and the Chat Assistant will handle the creation of the index and its entries.

Creating Indexes from Automation Workbench Scripts

You can also create a new index from an Automation Workbench script using the Sidekick API. Refer to the Automation Workbench documentation for more details.

Deleting Indexes

To delete an index from the set of indexes for the current binary, select the index that you want to remove from the indexes set using the combo box, click the hamburger menu, and select Delete Index.

Renaming Indexes

To rename an index from the set of indexes for the current binary, select the index that you want to rename from the indexes set using the combo box, click the hamburger menu, and select Rename Index.

Displaying Indexes

To display an index from the set of indexes for the current binary, use the combo box at the top of the sidebar to select an index to display from among the set of indexes added to the current binary.

Once an index is selected, its entries are displayed in a table within the sidebar. The table contains columns for the address of the entry, the entry itself, and any metadata defined with the entry.

Searching Entries

To search for entries in the current index, enter a search term in the Search [n] entries... text box at the top of the sidebar. Only table entries containing matches to the current search term are displayed.

Note

All columns in the index table are searchable.

Adding Entries

There are several ways to add entries to an index:

Adding Entries from the Add Entries Dialog

You can add entries to an index from the Add Entries dialog. This dialog allows you enter a Binary Ninja Query Language (BNQL) query to find entries to add to the index. The results of the query will be added as entries to the index. The dialog allows you to enter a title for the query, which is used to identify the source of the entries in the index for the query.

There are several ways to open the Add Entries dialog:

  • If an index is displayed in the Indexes sidebar, right-click in the empty space of the sidebar or right-click any entry, and select Sources->Add Query.
  • If an index is displayed in the Indexes sidebar, click Add Query from the hamburger menu in the Indexes sidebar.
  • If there are no indexes in the Indexes sidebar, right-click in the empty space of the sidebar and select Add Query. (Note: This will create an empty index and open the Add Entries dialog for the new index.)
  • If an index is displayed in the Indexes sidebar, open the Source Management dialog by selecting Manage Sources... from the hamburger menu in the Indexes sidebar, or by right-clicking the empty space of the sidebar or right-clicking any entry and selecting Sources->Manage Sources.... In the Source Management dialog, select the Queries tab and click Add Query....

Adding Entries from the Chat Sidebar

When using the Chat Assistant, you can add entries to an index from the Chat sidebar by requesting the Chat Assistant to do so. The Chat Assistant will use the update_index tool to add entries to an index. You can specify the index to add entries to and any metadata for the entries in your request. The Chat Assistant will handle the addition of the entries to the index and the creation of the index if it does not already exist.

Adding Entries from Automation Workbench Scripts

You can also add entries to an index from an Automation Workbench script using the Sidekick API. Refer to the Automation Workbench documentation for more details.

Removing Entries

To remove entries from an index, select any cell of the entries you want to remove, right-click and select Remove entries. Multiple selections are supported.

Note

Entries marked as read-only will not be removed.

Sorting Entries

Index table entries can be sorted by any column value. To sort entries, click on the column header of the column you want to sort by. The entries will be sorted in ascending order by default. Clicking the column header again will toggle the sort order to descending.

To navigate to the location in the binary associated with an index table entry, perform any of the following actions:

  • Double-click on the Address or Entry column value for a given index table entry
  • Right-click on the index table entry and select Navigate to Address

Marking Entries Read Only

Index table entries can be marked read-only, which prevents them from being over-written when the table is updated during script/query execution. To mark/de-mark an entry read-only, right-click on the index table entry and select/deselect Read Only.

Note

If an entry is marked as read-only, then when the same script or query that originally generated the entry is re-run and adds the same entry, a new, duplicate entry will be added to the table. If the read-only attribute of the entry is removed, then when the same script or query that originally generated the entry is re-run, any duplicate non-read-only entries will be removed.

Managing Sources

Each entry in an index is associated with a source that was used to add it. Sources can be scripts or queries. To manage sources for a selected index, open the Manage Sources dialog by performing any of the following actions:

  • Click the hamburger menu in the Indexes sidebar and select Manage Sources...
  • Right-click in the empty space of the sidebar or right-click any entry, and select Sources -> Manage Sources...

The Source Management dialog allows you to view and manage the sources associated with the entries in the index. The dialog contains two tabs: Queries and Scripts. The Queries tab displays the associated queries used to add entries to the index, while the Scripts tab displays the associated scripts used to add entries to the index. Scripts are automatically associated with the index when they add entries to it.

Alternatively, source queries and scripts associated with an index can be viewed and managed directly from the Indexes sidebar by right-clicking in the empty space of the sidebar or right-clicking any entry and selecting Sources -> <query/script name>.

Managing Source Queries

The Queries tab in the Source Management dialog allows you to view and manage the queries associated with the entries in the index. Queries are displayed as a table with the following columns: * Title: The name of the query, which is used to identify it. * Query Text: The Binary Ninja Query Language (BNQL) query used to find entries to add to the index. * Created: Approximately when the query was created.

For each query in the table, you can perform the following actions by right-clicking on the query:

  • Run: Click Run to run the query and add its results to the index.
  • Edit: Click Edit to open the Add Entries dialog and edit the query.
  • Remove: Click Remove to remove the query and its entries from the index.

Note

The above actions can also be performed on source queries directly from the Indexes sidebar by right-clicking in the empty space of the sidebar or right-clicking any entry and selecting Sources -> <query name>.

Managing Source Scripts

The Scripts tab in the Source Management dialog allows you to view and manage the scripts associated with the entries in the index. Scripts are displayed as a table with the following columns: * Name: The name of the script, which is used to identify it. * Associated: Approximately when the script was associated with the index.

For each script in the table, you can perform the following actions by right-clicking on the script:

  • Run: Click Run to run the script and add its results to the index.
  • Edit: Click Edit to open the Automation Workbench sidebar and edit the script.
  • Remove: Click Remove to remove the script and its entries from the index.

Note

The above actions can also be performed on source scripts directly from the Indexes sidebar by right-clicking in the empty space of the sidebar or right-clicking any entry and selecting Sources -> <script name>.

Copying Cells

To copy cells to the clipboard, select any set of cells, right-click and select Copy.

Refreshing Indexes

The entries in an index are not automatically updated when the binary or scripts change. To keep the index up-to-date, you can re-run the sources (scripts and/or queries) associated with the entries in the index. This allows you to refresh or update the entries based on the latest state of the binary and/or script.

To refresh an index, perform any of the following actions: * Select Refresh Index from the hamburger menu in the Indexes sidebar. * Right-click anywhere in the empty space of the index table and select Refresh Index. * Right-click any entry in the index table and select Refresh Index.

Previewing Cell Contents

To preview the contents of a selected cell in the index table, you can use the Cell Contents pane within the Indexes sidebar. This pane displays the contents of the selected cell, allowing you to quickly view the details without navigating away from the index table.

To open the Cell Contents pane, click the hamburger menu in the Indexes sidebar and select Show Cell Preview. This will toggle the visibility of the Cell Contents pane.

The Cell Contents pane will display the contents of the currently selected cell in the index table. If no cell is selected, the pane will be empty.

Note

Cells from the Address and Entry columns are not displayed in the cell preview. Also, during an update to the index table, the cell contents preview is cleared. A cell must be selected again to preview its contents.

Pinning Indexes

A single index can be opened in a separate pane within the main view frame through an operation referred to as "pinning". To pin an index, select the index from the indexes set and perform any of the following actions:

  • Click the hamburger menu and select Pin Index to New Pane
  • Right-click anywhere on the index table and select Pin Index to New Pane

This action creates a new pane within the main view frame with the content of the selected index. From the pinned index, you can perform any of the following actions:

  • Search the pinned index entries
  • Sort index entries by column value
  • Any right-click context menu action supported in the index table (excluding Pin Index to New Pane)

Notebook

The Notebook is a collection of documents that can be used to record and organize information related to the binary being analyzed. It provides a way to capture and manage findings, insights, and other relevant information that can be referenced later. Sidekick uses the Notebook to store results from its own analyses. It also actively references the information in the Notebook as context for ongoing and future analyses. This allows you to build a knowledge base of findings and supply helpful context for Sidekick's analyses.

Documents are organized into categories, which can be used to group related documents together. Each document contains a name, category, content, and provenance information. The Notebook sidebar displays documents in a tree structure, allowing you to easily navigate through the categories and documents.

The contents of the Notebook are saved in the Binary Ninja Database (BNDB) when the BNDB is saved, so you can access your findings later.

Adding Documents

Sidekick will automatically create Notebook documents to record significant findings during its analysis. You can also add your own documents to the Notebook. To add a document, perform one of the following sets of actions to launch the Add Document dialog:

  • Click on the hamburger menu in the Notebook sidebar and select Add Document.
  • Right-click an existing document category in the Notebook sidebar and select either Add Document to Category or Add Document.
  • Right-click an existing document in the Notebook sidebar and select Add Document.

In the Add Document dialog, you can enter the document's name, category, and content fields. The content field is formatted as json with the following structure:

{
    "title": "Document Name",
    "description": "Document content goes here",
    "referenced_locations": ["func_name", "func_name2"],
}

Note

When adding your own document, its provenance source field is automatically populated as manual entry via dialog.

Editing Documents

To edit an existing document in the Notebook, select the document from the Notebook sidebar, right-click on it, and select Edit Document. This will open the Edit Document dialog, where you can modify the document's category, content, and provenance fields.

The document's provenance field is formatted as a json list with the following structure:

[
  {
    "author": "Author Name (e.g. 'user' or 'sidekick')",
    "source": "Where the information came from (e.g. Chat page name, 'manual entry via dialog', etc.)",
    "timestamp": "2025-07-13T03:17:29.888780+00:00"
  }
]

Each provenance entry must have "author" and "source" fields. "timestamp" is optional and will be auto-generated if omitted.

Searching Documents

To search for content in Notebook documents, enter a search term in the Search notebook text box. Only documents containing the search term are displayed in the Notebook sidebar.

Exporting Notebooks

To export the current Notebook to a json file, click the hamburger menu in the Notebook sidebar and select Export Notebook.... This will open a file dialog window where you can choose the location and name of the exported file. The Notebook will be saved as a JSON file, which can be imported later or shared with others.

Importing Notebooks

To import a Notebook from a json file, click the hamburger menu in the Notebook sidebar and select Import Notebook.... This will open a file dialog window where you can choose the json file to import. During import, you will be prompted to select whether to overwrite the current Notebook or merge the imported Notebook with the current one. If you choose to overwrite, the current Notebook will be replaced with the imported one. If you choose to merge, the entries from the imported Notebook will be added to the current Notebook without removing existing entries.