Changes

2,562 bytes added, 10:01, 10 October 2023
plugins, scripts, etc for debuggers added
*[https://www.nsa.gov/resources/everyone/ghidra/ Ghidra] - Ghidra is an open source software reverse engineering (SRE) framework developed by NSA's [https://www.nsa.gov/what-we-do/research/ Research] Directorate for NSA's [https://www.nsa.gov/what-we-do/cybersecurity/ cybersecurity mission].
 
::Ghidra Scripts/Plugins/Extension
:::*[https://github.com/AllsafeCyberSecurity/awesome-ghidra Scripts/Plugins/Extension] - A curated list of awesome Ghidra materials.
*[https://www.hex-rays.com/products/ida/ IDA] - The IDA Disassembler and Debugger is an interactive, programmable, extensible, multi-processor disassembler hosted on Windows, Linux, or Mac OS X.
 
::IDA Scripts/Plugins/Extension
:::*[https://github.com/gdelugre/ida-arm-system-highlight IDA ARM] - This script will give you the list of ARM system instructions used in your IDA database. This is useful for locating specific low-level pieces of code (setting up the MMU, caches, fault handlers, etc.).
:::*[https://www.keystone-engine.org/keypatch/ Keypatch] - A multi-architecture assembler for IDA. Keypatch allows you to enter assembly instructions to directly patch the binary under analysis. Powered by the Keystone engine.
:::*[https://github.com/onethawt/idastealth IDAStealth] - is a plugin which aims to hide the IDA debugger from most common anti-debugging techniques. The plugin is composed of two files, the plugin itself and a dll which is injected into the debugger as soon as the debugger attaches to the process.
:::*[https://github.com/iphelix/ida-sploiter ida-sploiter] - is an exploit development and vulnerability research tool. Some of the plugin's features include a powerful ROP gadgets search engine, semantic gadget analysis and filtering, interactive ROP chain builder, stack pivot analysis, writable function pointer search, cyclic memory pattern generation and offset analysis, detection of bad characters and memory holes, and many others.
:::*[https://github.com/danigargu/IDAtropy IDAtropy] - is a plugin for Hex-Rays' IDA Pro designed to generate charts of entropy and histograms using the power of IDAPython and matplotlib.
:::*[https://github.com/grayhatacademy/ida/tree/master/plugins/localxrefs Localxrefs] - Finds references to any selected text from within the current function.
:::*[https://github.com/a1ext/labeless Labeless] - is a plugin system for dynamic, seamless and realtime synchronization between IDA Database and Olly. Labels, function names and global variables synchronization is supported. Olly and x64dbg are supported.
:::*[https://www.coresecurity.com/core-labs/open-source-tools/turbodiff-cs Turbodiff] - is a binary diffing tool developed as an IDA plugin. It discovers and analyzes differences between the functions of two binaries.
:::*[https://github.com/onethawt/idaplugins-list A list of IDA Plugins (click here for more)] - A large list/collection of plugins for IDA.
*[https://github.com/vivisect/vivisect Vivisect] - Vivisect binary analysis framework. Includes Disassembler, Debugger, Emulation and Symbolik analysis engines. Includes built-in Server and Shared-Workspace functionality. Runs interactive or headless, programmable, extensible, multi-processor disassembler hosted on Windows, Linux, or Mac OS X (Pure-Python, using ctypes to access underlying OS debug mechanism). Supports RevSync via plugin, allowing basic collaboration with Binja, Ghidra, and IDA. Criticisms (from a core dev): "Graph View could use some work, slower than Binja and IDA (due to Python), documentation like an OpenSource Project... but we keep working to make it better. PR's and suggestions welcome." Best installed via Pip: <code>python3 -m pip install vivisect</code>
*[https://x64dbg.com/ x64dbg] - A powerful open source OllyDbg replacement with a user interface very similar to OllyDbg. As the name states, x64dbg also offers x64 support.
 
::x64dbg Plugins/Integrations/Templates
:::*[https://github.com/x64dbg/x64dbg/wiki/Plugins x64dbg's Wiki] - A wiki of integrations and plugins for the x64dbg debugger.
*[https://github.com/uxmal/reko Reko] - Reko is a binary decompiler for static analysis (ARM, x86-64, M68K, AArch64, RISC-V and dotnet).
