cylance / Ablation
Ablation is a tool for augmenting static analysis by extracting information at runtime, and importing it into IDA. It can resolve virtual calls, reveal interesting code, exclude heavily traversed regions, identify untested or undocumented features, visually diff samples, or perform root cause analysis simply by running samples. My favourite howe…
☆48Updated 8 years ago
Related projects ⓘ
Alternatives and complementary repositories for Ablation
- This IDAPython script tags subroutines according to their use of imported functions☆71Updated 3 years ago
- IDAPython plugin for finding Xrefs from a function☆47Updated 8 years ago
- IDAtropy is a plugin for Hex-Ray's IDA Pro designed to generate charts of entropy and histograms using the power of idapython and matplot…☆135Updated 3 years ago
- An IDA Pro Plugin for embedding an IPython Kernel☆64Updated 5 years ago
- Use angr inside the radare2 debugger. Create an angr state from the current debugger state.☆34Updated 5 years ago
- x86 bootloader emulation with Miasm (case of NotPetya)☆40Updated 5 years ago
- Augmenting Static Reverse Engineering with Dynamic Analysis and Instrumentation☆131Updated 10 years ago
- ☆98Updated 5 months ago
- Random tools and things for creating+injecting complex organisms into a process on both the posix and windows platforms. Includes support…☆38Updated this week
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆71Updated 5 years ago
- Course sample for SMT-Based Binary Program Analysis training class☆30Updated 6 years ago
- IDA Pro resources, scripts, and configurations☆111Updated 8 months ago
- Collaborative reverse engineering plugin for IDA Pro. Latest version, including IDA 7.0 support, is not back ward compatible with earlier…☆97Updated 3 years ago
- An IDA Pro swiss army knife (with a sexy name!)☆56Updated 11 years ago
- Binary Ninja plugin that syncs WinDbg to Binary Ninja☆47Updated 6 years ago
- ☆32Updated 5 months ago
- qb-sync is an open source tool to add some helpful glue between IDA Pro and Windbg. Its core feature is to dynamically synchronize IDA's …☆116Updated 9 years ago
- Automated library compilation and PDB annotation with CMake and IDA Pro☆20Updated 6 years ago
- suite of binaries used to test function identification☆28Updated 7 years ago
- Automatic function exporting and linking for fuzzing cross-architecture binaries.☆50Updated 6 years ago
- Final project for the M.Sc. in Engineering in Computer Science at Università degli Studi di Roma "La Sapienza" (A.Y. 2016/2017).☆35Updated 7 years ago
- PoC for a snapshot-based coverage-guided fuzzer targeting Windows kernel components☆68Updated 3 years ago
- Automatically exported from code.google.com/p/mynav☆28Updated 9 years ago
- OpenType font file format fuzzer for Windows☆52Updated 11 years ago
- A few IDAPython scripts to generate class hierarchy diagrams from IDBs☆34Updated 12 years ago
- Use ltrace with pwnlib.tubes.process instances, useful for heap exploitation. Pwntools rocks!☆52Updated 6 years ago
- Plugins for IDA Pro and Hex-Rays☆40Updated 6 years ago
- IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.☆106Updated 11 months ago
- IDASimulator is a plugin that extends IDA's conditional breakpoint support, making it easy to augment / replace complex executable code i…☆47Updated 10 years ago
- CansecWest2016 - Getting Physical: Extreme Abuse of Intel Based Paging Systems☆27Updated 8 years ago