IDA Migrator is an IDA Pro plugin which helps migrate existing work from one database instance to another. It Conveniently migrates function names, structures and enums.

Stars: ✭ 65 (-54.23%)

Mutual labels: ida, ida-pro, ida-plugin, idapython

DrGadget

dr.rer.oec.gadget IDAPython plugin for the Interactive Disassembler <ABANDONED PROJECT>

Stars: ✭ 61 (-57.04%)

Mutual labels: ida-pro, ida-plugin, idapython, idapython-plugin

Idarling

Collaborative Reverse Engineering plugin for IDA Pro & Hex-Rays

Stars: ✭ 588 (+314.08%)

Mutual labels: ida, ida-pro, ida-plugin, idapython

dynlib

IDA Pro plugin to aid PS4 user mode ELF reverse engineering.

Stars: ✭ 51 (-64.08%)

Mutual labels: ida, ida-pro, ida-plugin, idapro

Flare Ida

IDA Pro utilities from FLARE team

Stars: ✭ 1,374 (+867.61%)

Mutual labels: ida, ida-pro, ida-plugin, idapython

Awesome Reverse Engineering

Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)

Stars: ✭ 2,954 (+1980.28%)

Mutual labels: ida-plugin, idapython, idapro, binaryninja

Idangr

Use angr in the IDA Pro debugger generating a state from the current debug session

Stars: ✭ 214 (+50.7%)

Mutual labels: ida, ida-pro, ida-plugin, idapython

idapython-cheatsheet

scripting IDA like a Pro

Stars: ✭ 13 (-90.85%)

Mutual labels: ida, ida-pro, idapython, idapro

Ipyida

IPython console integration for IDA Pro

Stars: ✭ 358 (+152.11%)

Mutual labels: ida, ida-pro, ida-plugin, idapython

ida-embed-arch-disasm

Allows IDA PRO to disassemble x86-64 code (WOW64) in 32-bit database

Stars: ✭ 22 (-84.51%)

Mutual labels: ida-pro, ida-plugin, idapython

xray

Hexrays decompiler plugin that colorizes and filters the decompiler's output based on regular expressions

Stars: ✭ 97 (-31.69%)

Mutual labels: ida, ida-pro, idapython

Hexrayspytools

IDA Pro plugin which improves work with HexRays decompiler and helps in process of reconstruction structures and classes

Stars: ✭ 873 (+514.79%)

Mutual labels: ida, ida-plugin, idapython

Scratchabit

Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API

Stars: ✭ 369 (+159.86%)

Mutual labels: ida, ida-plugin, idapython

Ida For Delphi

IDA Python Script to Get All function names from Event Constructor (VCL)

Stars: ✭ 92 (-35.21%)

Mutual labels: ida, ida-pro, idapython

Amie

A Minimalist Instruction Extender for the ARM architecture and IDA Pro

Stars: ✭ 136 (-4.23%)

Mutual labels: ida, ida-pro, idapython

Hrdevhelper

Context-sensitive HexRays decompiler plugin that visualizes the ctree of decompiled functions.

Stars: ✭ 193 (+35.92%)

Mutual labels: ida, ida-pro, idapython

idapm

idapm is IDA Plugin Manager via GitHub Repository.

Stars: ✭ 50 (-64.79%)

Mutual labels: ida, ida-pro, ida-plugin

View All Similar Projects ➔

Hyara

Hyara is plugin that provides convenience when writing yararule.

The plugin is currently undergoing a major revision!

Demo video

Instructions

Start Screen and Options

When you run Hyara, it docks itself to the right and docks the output window to the left.
After specifying the address, press the Make button to show the specified hexadecimal or strings as a result.
The results are saved in the table below when you click Save.
If you double-click the table, you can clear the rule.
Export Yara Rule
- Exports the previously created yara rules.

Right Click
- You can select either start address or end address. (IDA Pro, Cutter)

Comment Option
- Annotates the instructions next to the condition rule(s).
Rich Header and imphash
- Adds rich header and imphash matching to the rule.
String option
- This option extracts strings within the range specified.

Installation

IDA Pro & BinaryNinja

pip install -r requirements.txt

IDA Pro
- copy Hyara_IDA.py and hyara_lib folder to $ida_dir/plugins
- Activate via Edit -> Plugins -> Hyara (or CTRL+SHIFT+Y)
BinaryNinja
- copy Hyara_BinaryNinja.py and hyara_lib folder to BinaryNinja Plugin directory
- Activate via View -> Show Hyara

Cutter

Windows

C:\\Users\\User\\AppData\\Local\\Programs\\Python\\Python37\\python.exe -m pip install -I -t $cutter_dir/python37/site-packages -r requirements.txt

copy __init__.py, Hyara_Cutter.py and hyara_lib folder to $cutter_dir/plugins/python/Hyara

Linux

cp -r /tmp/.mount_Cutter5o3a5G/usr /root
pip3.9 install -I -t /root/usr/lib/python3.9/site-packages -r /root/Hyara/requirements.txt
./Cutter-v2.0.3-x64.Linux.AppImage --pythonhome /root/usr

copy __init__.py, Hyara_Cutter.py and hyara_lib folder to /root/.local/share/rizin/cutter/plugins/python/Hyara

Activate via Windows -> Plugins -> Hyara

Features

GUI-based
Supports BinaryNinja, Cutter, and IDA
YaraChecker
- Tests the yararule on the fly
YaraDetector
- Shows which part is detected in the sample loaded to disassembler, and when "Address" is clicked, it moves to the corresponding address on the disassembler view.
YaraIcon
- Creates yara rules for icon resources embedded in the PE.

Author

👤 hyuunnn

Github: @hyuunnn

Special Thanks

Twitter: kjkwak12
Github: gaasedelen - Link
Github: ITAYC0HEN - Link

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

hyuunnn / Hyara

Programming Languages

Labels

Projects that are alternatives of or similar to Hyara

Hyara

Instructions

Start Screen and Options

Installation

IDA Pro & BinaryNinja

Cutter

Windows

Linux

Features

Author

Special Thanks