Exploit the possiblities
Showing 1 - 4 of 4 RSS Feed


Posted Mar 26, 2005
Authored by Pedram Amini | Site idefense.com

This IDC script will scan through an IDA database locating and marking the relevant RPC server data structures. It will then enumerate the dispatch routines from the DispatchTable. The script outputs the addresses of the discovered structs / functions and was designed to automate the otherwise tedious manual process of locating RPC routines to audit.

MD5 | 731fa609c8a61e202c76af9c737e9ef9
Posted Mar 3, 2005
Authored by Pedram Amini | Site labs.idefense.com

Built on top of the IDA Function Analyzer, pGRAPH (Pedram's Grapher), provides an interface to generate more detailed and user defined control-flow graphs using the bundled Wingraph package. Extended features include: support for chunked functions, instruction level coloring, edge customization (manhattan vs splines), layout algorithm and more.

MD5 | a6d68ebddfaf56325dbd0c276ff5dccc
Posted Mar 3, 2005
Authored by Pedram Amini | Site labs.idefense.com

Written as a C++ class, Function Analyzer was originally developed to provide an abstracted layer over chunked functions frequently found in Microsoft optimize compiled binaries. As of IDA version 4.7 much of this functionality is built into the SDK. However, Function Analyzer can be used to construct plug-ins compatible across older versions and provides abstracted next_ea()/prev_ea() routines for stepping through an internal unchunked instruction list. The abstraction layer also exposes the following function-level information: basic block enumeration (nodes, edges), call count, MD5 hash, CRC and customizable GDL (Wingraph) generation.

MD5 | 907b58765ae61801140335b89d12a183
Posted Mar 3, 2005
Authored by Pedram Amini | Site labs.idefense.com

IDA Sync was written to allow multiple analysts to synchronize their reverse engineering efforts with IDA Pro in real time. Users connect to a central server through the ida_sync plugin. Once connected, all comments and name changes made with the registered hot keys are immediately transmitted to all other users working on the same project. The central server stores a copy of all changes as well, allowing new analysts to jump on the project and immediately receive up to date information. Included in the source release is a C++ class providing IDA Pro plugin developers with an abstracted asynchronous I/O interface.

MD5 | 66c9c8f05f7718f72d2310c5e826f6f7
Page 1 of 1

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By