| assign_color.idc |
7 KB |
Jan 19 2006 |
| This script assigns hotkeys to various routines that handle instruction / selection / block level color setting and clearing. I updated this script recently to be more "API-ish" for outside calling. |
| call_count_prefixer.idc |
6 KB |
Oct 13 2005 |
| When run, this script will parse over the entire IDA database and collect statistics on the number of times each function is called. Each referenced function is then renamed with a prefix containing it's call count. Example: 'sub_12345678' may 'become 17__sub_12345678', where 17 represents the number of times the sub routine was called. |
| export_disassembly.idc |
1 KB |
Nov 1 2005 |
| When run, this script will export the disassembly of the current function in a clean, straight forward format. Inclusion of addresses is an optional run-time setting. |
| function_tagger.idc |
3 KB |
Oct 13 2005 |
| When run, this script will register a hotkey that can be utilized in place of "enter" to follow function cross references. The script will tag the visited function with "x__" marking the area as one that has already been examined. |
| jeep_navigator.py |
5 KB |
Apr 3 2007 |
| Python +GPS +Google real-time car tracking script written in under 200 lines of Python. Check out the more detailed description of why this was written in the imagery. |
| jump_to_func_top.idc |
290 B |
Dec 2 2005 |
| When run, this simple script will bind the hotkey CTRL+SHIFT+J to a routine, Jump(GetFunctionAttr(ScreenEA(), FUNCATTR_START)), that will cause the cursor to job the top of the current function you are in. |
| ms05-030-filtered-vs-unfiltered.gml |
434 KB |
Jan 23 2006 |
| This graph demonstrates the benefits offered by Process Stalker's filtering capabilities. The yellow nodes represent individual functions. The black shaded cluster highlights nodes (functions) that are handle GUI operations. The red shaded cluster highlights nodes (functions) that may contain our target vulnerability. See the article at http://www.openrce.org/articles/full_view/12 as well as ms05-030-final.gml. |
| ms05-030-final.gml |
2 MB |
Jan 23 2006 |
| Final hit result graph (including intelligent register inspection) of Process Stalker analysis of MS05-030 vulnerability. Designed for view in Oreas GDE. See also ms05-030-filtered-vs-unfiltered.gml. |
| opcodes.hlp |
83 KB |
Oct 13 2005 |
| Intel hex opcodes and mnemonics win32 help file. |
| paimei-recon-2006.pdf |
1 MB |
Jul 19 2012 |
| Slides from my 2006 talk on PaiMei. |
| PAIMEIpeek_preview.gif |
85 KB |
Dec 27 2006 |
| Screenshot of a new PaiMei GUI module I put together to replace the command line Proc Peek script. |
| pydasm.pyd |
107 KB |
Jun 13 2008 |
| PyDASM for Python 2.5. I guess there is no official 2.5 release yet and since a bunch of people have asked me for this here it is. |
| RECON2006-Amini.zip |
883 KB |
Jun 16 2006 |
| My slides on PaiMei from RECON2006. |
| ShmooCon 2006 Amini-Eagle.pdf |
177 KB |
Jan 16 2006 |
| Chris Eagle and I's (brief) slide-set for the 2006 ShmooCon BoF on reverse engineering. |
| tracer_msr_branch.py |
4 KB |
Dec 13 2006 |
| Proof of concept single step tracer written in Python on top of PyDbg. See this blog entry and tracer_single_step.py for more information. |
| tracer_single_step.py |
3 KB |
Dec 13 2006 |
| Proof of concept single step tracer written in Python on top of PyDbg. See this blog entry and tracer_msr_branch.py for more information. |
| wordfile.txt |
117 KB |
Feb 28 2006 |
| My UltraEdit (favorite text editor) word file. Includes (/L12 "IDC") IDA Script highlighting and IDA Python constructs in /L10 "Python" |
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}