ScratchABit is an interactive incremental disassembler with data/control flow analysis capabilities. ScratchABit is dedicated to the efforts of the OpenSource reverse engineering community (reverse engineering to produce OpenSource drivers/firmware for hardware not properly supported by vendors, for hardware and software interoperability, for security research). ScratchABit supports well-known in the community IDAPython API to write disassembly/extension modules.
reverse-engineering disassembler ida-plugin ida idapythonIDA Plugins & IDAPython Scripting Library. For documentation, see sark.rtfd.io.
ida-pro ida-plugin reverse-engineering static-analysis idapythonCopyright 2011-2017 Google Inc.Disclaimer: This is not an official Google product (experimental or otherwise), it is just code that happens to be owned by Google.
ida-pro ida-plugin reverse-engineering c-plus-plus postgresql-database database binnaviCopyright 2016-2017 Google Inc.Disclaimer: This is not an official Google product (experimental or otherwise), it is just code that happens to be owned by Google.
ida-pro ida-plugin c-plus-plusUsed to grab full-resolution images of IDA graphs. Released under MIT license.
sark ida-plugin ida-proIDA Pro plugin to view Exports. The problem is that IDA for some reason sometimes does not show certain names in Exports or does not demangle them. This plugin fixes this problem.
ida-pro ida-pluginIDA Pro plugin to make functions tree view. Plugin parses function names and groups them by namespaces. Currently does not support search, is not possible to sort, no context menu.
ida-plugin ida-proThis is an IDA Pro Python plugin to make Hex-Rays Decompiler output bit more attractive. HRDEV plugin retrieves standard decompiler output, parses it with Python Clang bindings and puts back. The only requirement is Clang Python binding. See https://pypi.python.org/pypi/clang. Clang binding is required to parse decompiler output and produce plugin output.
ida-pro ida-plugin clang-python-binding hex-rays-decompilerThis is a simple IDA plugin to load PDB symbols. The problem is that sometimes IDA crashes for me when trying to load symbols, so I came up with this quick and dirty alternative. This plugin relies on Python pdbparse module (https://github.com/moyix/pdbparse), and I have it included in plugin, because I had to do minor modifications to code.
ida-plugin ida-proIdaJava is a plugin for IDA Pro that allows to write IDA plugins in Java. In other words: IdaJava is to Java like IDAPython is to Python... The plugin creates an in-process Java VM and looks for JAR files in IDA's plugins directory. Each Java based plugin gets their own menu item in Edit|Plugins. NOTE (2017): This is old code that will likely no longer work. It's mainly here for reference. I don't plan on making further changes.
ida-pro ida-plugin reverse-engineering c-plus-plus swig🐤 pssst! - ida-batch_decompile is also part of project: unbox - a nobrainer commandline tool to unpack and decompile all sorts of things.
ida decompile ida-plugin batch-processing ida-batch-decompile reverse-engineeringThe auxiliary plugin jarvis_launcher.py registers a shortcut (Alt-J) which launches the actual plugin. JARVIS is written in PySide (Qt). It consists of a dockable Widget with several tabs, one for each different category.
idapython-plugin ida-plugin reverse-engineering ida pyside pintoolStingray is an IDAPython plugin for finding function strings. The search is from the current position onwards in the current function. It can do it recursively also with configurable search depth. The results order is the natural order of strings in the BFS search graph. For each found string it displays the xref address, the string address, the string type and the of course the string itself.
ida-pro idapython-plugin ida-plugin idapython reverse-engineering string-search static-analysisThe IDA 7.0 SDK should also be located at $(IDADIR)\idasdk.
ida ida-pro ida-plugin reverse-engineeringThis tool aim to provide a collaborative malware analysis framework. Scripts under the folder examples permits some basic actions for a Polichombr instance.
malware-analysis reverse-engineering ida idapro malware-research security-tools ida-pluginDBGHider is an IDA Pro 7.x plugin written in Python. It aims to hide IDA Winddows debugger from processes. DBGHider uses two ways to hook functions: conditional breakpoint and inline hook.
ida-pro ida-plugin idapython-pluginUseful Scripts for helping in reverse engeenering.
windbg scripts ida-pluginIdarop is an IDA plugin which list and store all the ROP gadgets presents within the opened binary. The codebase is vastly copied from the unmaintained IDA plugin idaploiter. However idasploiter is built to work at runtime (lifting IDA debugger API), whereas idarop is aimed for a more static approach. Using IDA to view gadgets allows the user to take advantage of the "advanced" list filtering IDA provides : in the following picture, only gadgets having a 0xff opcode and less than 4 bytes are shown (and the ones touching esp are highlighted).
ida ida-plugin rop-gadgets databaseIFL - Interactive Functions List (plugin for IDA Pro)
ida-plugin ida-pro idapython-plugin
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.