Displaying 1 to 8 from 8 results

iBoot64helper - IDAPython utility to help with iBoot64 reverse engineering

  •    Python

This aims to become an IDAPython utility to help with iBoot64 reverse engineering. Currently it just locates iBoot's proper loading address, rebases the image, and identifies ARM64 functions based on a common function prologue. As you can see in the screenshot below, 1347 functions are recognized after running it on iBoot version 4076.1.43. I will be adding features to it, like function renaming based on string usage, etc.

Utilities - Uncategorized utilities

  •    Python

Uncategorized utilities that do not need their own repository. Small dumb utility to port obvious function matches across two IDA databases.

JARVIS - "Just Another ReVersIng Suite" or whatever other bullshit you can think of

  •    Python

The auxiliary plugin jarvis_launcher.py registers a shortcut (Alt-J) which launches the actual plugin. JARVIS is written in PySide (Qt). It consists of a dockable Widget with several tabs, one for each different category.

Sundials

  •    Julia

Note that CVODES and IDAS contain all functions provided by CVODE and IDA (for integration without sensitivity analysis). If you need to use the latter, you can set enable_sensitivities=false in deps/build.jl and (re)build the package. before you install the package. Downloading and/or re-building of the library can be triggered by Pkg.build("Sundials") if anything goes wrong.




polichombr - Collaborative malware analysis framework

  •    Python

This tool aim to provide a collaborative malware analysis framework. Scripts under the folder examples permits some basic actions for a Polichombr instance.

golang_loader_assist - Making GO reversing easier in IDA Pro

  •    Python

This is the golang_loader_assist.py code to accompany the blog I wrote, Reversing GO binaries like a pro (in IDA Pro). There is also the hello-go directory which contains the simple hello world code I used as an example.