{"id":47383334,"url":"https://github.com/symgraph/IDAssist","last_synced_at":"2026-04-02T20:01:01.191Z","repository":{"id":341291920,"uuid":"1167005651","full_name":"symgraph/IDAssist","owner":"symgraph","description":"AI-Powered Reverse Engineering Plugin for IDA Pro","archived":false,"fork":false,"pushed_at":"2026-03-30T15:40:10.000Z","size":7895,"stargazers_count":362,"open_issues_count":0,"forks_count":28,"subscribers_count":2,"default_branch":"master","last_synced_at":"2026-03-30T17:36:44.985Z","etag":null,"topics":["ida-plugin","ida-plugins","idapro","llm"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/symgraph.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-25T21:04:23.000Z","updated_at":"2026-03-30T15:40:15.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/symgraph/IDAssist","commit_stats":null,"previous_names":["jtang613/idassist","symgraph/idassist"],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/symgraph/IDAssist","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/symgraph%2FIDAssist","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/symgraph%2FIDAssist/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/symgraph%2FIDAssist/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/symgraph%2FIDAssist/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/symgraph","download_url":"https://codeload.github.com/symgraph/IDAssist/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/symgraph%2FIDAssist/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31314782,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T12:59:32.332Z","status":"ssl_error","status_checked_at":"2026-04-02T12:54:48.875Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ida-plugin","ida-plugins","idapro","llm"],"created_at":"2026-03-19T16:00:38.420Z","updated_at":"2026-04-02T20:01:01.161Z","avatar_url":"https://github.com/symgraph.png","language":"Python","readme":"# IDAssist\n\n*AI-Powered Reverse Engineering Plugin for IDA Pro*\n\n**Author:** Jason Tang\n\n## Description\n\nIDAssist is an IDA Pro plugin that integrates LLM-powered analysis directly into IDA's interface, providing AI-assisted binary reverse engineering through configurable LLM providers, semantic knowledge graphs, RAG document search, and supports a wide diversity of LLM providers.\n\nBuilt with Python and PySide6, IDAssist runs as a dockable panel inside IDA Pro 9.0+ and communicates with LLM providers (OpenAI, Anthropic, Ollama, LiteLLM, and more) to analyze functions, suggest renames, answer questions about code, and build a searchable knowledge graph of an entire binary.\n\n\u003c!-- SCREENSHOT: IDAssist main interface showing the Explain tab with a function explanation and security analysis panel --\u003e\n![Screenshot](/docs/screenshots/slideshow.gif)\n\n## Core Features\n\n**Function Explanation** — Generate detailed natural-language explanations of decompiled functions with automatic security analysis including risk level, activity profile, security flags, and API detection.\n\n**Interactive Query Chat** — Ask questions about the binary with persistent chat history. Use context macros (`#func`, `#addr`, `#line`, `#range`) to inject function code, addresses, or disassembly ranges into queries.\n\n**Automated Actions** — AI-powered rename suggestions for functions, variables, and types. Review proposed changes in a table with confidence scores, then apply selected actions back to the IDB.\n\n**Semantic Knowledge Graph** — Build and explore a knowledge graph of the binary's functions, call relationships, data flows, and security characteristics. Includes visual graph rendering, semantic search, and community detection.\n\n**RAG Document Search** — Upload reference documents (`.txt`, `.md`, `.rst`, `.pdf`) and use them as context during LLM queries. Supports hybrid text+vector search via Whoosh indexing.\n\n**SymGraph Integration** — Push and pull function names, variable names, types, and graph data to the SymGraph collaborative platform. Includes a multi-step wizard with conflict resolution for pulls.\n\n**Settings Management** — Configure multiple LLM and MCP providers, manage SymGraph API credentials, customize the system prompt, and set database paths.\n\n## Advanced Capabilities\n\n### ReAct Agent\n\nThe Query tab supports an autonomous ReAct (Reasoning + Acting) agent mode. When enabled, the LLM plans an investigation strategy, executes tools to gather information, reflects on findings, and synthesizes a comprehensive answer — all automatically across multiple reasoning rounds.\n\n### Extended Thinking\n\nConfigure reasoning effort levels to control how much the LLM \"thinks\" before responding:\n\n| Level | Thinking Budget | Best For |\n|-------|----------------|----------|\n| None | Disabled | Fast, simple queries |\n| Low | ~2K tokens | Straightforward analysis |\n| Medium | ~10K tokens | Moderate complexity |\n| High | ~25K tokens | Deep analysis, complex code |\n\n### MCP Integration\n\nIDAssist can connect to external MCP servers for tool-augmented LLM interactions where the model can programmatically inspect functions, read disassembly, query cross-references, and modify the IDB during reasoning. IDAssist also provides built-in internal tools for function calling without requiring an external MCP server.\n\n### Function Calling\n\nLLM providers with tool-calling support can invoke IDA analysis functions mid-conversation, enabling iterative investigation without manual intervention.\n\n### RLHF Feedback\n\nProvide thumbs-up/thumbs-down feedback on explanations and query responses. Feedback is stored locally and can be used to improve prompt engineering and model selection.\n\n## Architecture\n\nIDAssist follows an MVC (Model-View-Controller) pattern:\n\n- **Views** (`src/views/`) — PySide6 tab widgets that emit signals on user interaction\n- **Controllers** (`src/controllers/`) — Connect view signals to service calls, manage state\n- **Services** (`src/services/`) — Business logic, LLM providers, database access, graph analysis\n- **Internal Tools** (`src/services/internal_tools.py`) — IDA-specific tool definitions for LLM function calling\n- **Graph Tools** (`src/services/graphrag/graphrag_tools.py`) — Semantic graph read/write tools for LLM interaction\n\nKey design principles:\n- All IDA API calls execute on the main thread via `execute_on_main_thread()`\n- LLM responses stream incrementally to the UI\n- Local SQLite databases for persistence (no external database required)\n- Singleton service registry with thread-safe initialization\n\n## Quick Start\n\n1. **Install the plugin** (recommended — IDA Plugin Manager):\n\n   ```\n   hcli plugin install idassist\n   ```\n\n   This automatically installs the plugin and its Python dependencies into IDA's environment.\n\n2. **Or install manually** (from release tarball):\n\n   Download the latest release zip from [GitHub Releases](https://github.com/jtang613/IDAssist/releases) and extract it into your IDA plugins directory:\n\n   **Linux / macOS:**\n   ```bash\n   unzip IDAssist-*.zip -d ~/.idapro/plugins/\n   ```\n\n   **Windows:**\n   Extract the zip into `%APPDATA%\\Hex-Rays\\IDA Pro\\plugins\\`.\n\n   Then install dependencies using **IDA's bundled Python** (not your system Python):\n\n   **Linux / macOS:**\n   ```bash\n   \u003cIDA_INSTALL_DIR\u003e/python3/bin/pip3 install -r ~/.idapro/plugins/IDAssist/requirements.txt\n   ```\n\n   **Windows:**\n   ```cmd\n   \"\u003cIDA_INSTALL_DIR\u003e\\python3\\python.exe\" -m pip install -r \"%APPDATA%\\Hex-Rays\\IDA Pro\\plugins\\IDAssist\\requirements.txt\"\n   ```\n\n   \u003e Replace `\u003cIDA_INSTALL_DIR\u003e` with your IDA Pro installation path (e.g., `/opt/idapro-9.0` or `C:\\Program Files\\IDA Pro 9.0`).\n   \u003e\n   \u003e **Tip:** You can also set the `IDAUSR` environment variable to a custom directory containing a `plugins/` subdirectory.\n\n3. **Open IDAssist:** Launch IDA Pro, open a binary, and press `Ctrl+Shift+A` (or Edit \u003e Plugins \u003e IDAssist).\n\n4. **Configure a provider:** Go to the Settings tab, click **Add** under LLM Providers, and configure your preferred provider.\n\n5. **Analyze a function:** Navigate to any function, click the **Explain** tab, and press **Explain Function**.\n\nFor detailed setup instructions, see [Getting Started](docs/getting-started.md).\n\n## LLM Provider Setup\n\nIDAssist supports the following provider types:\n\n| Type | Auth Method | Notes |\n|------|-------------|-------|\n| `anthropic_platform` | API Key | Anthropic API direct |\n| `anthropic_oauth` | OAuth (browser) | Browser-based authentication |\n| `anthropic_claude_cli` | Local CLI | Uses the `claude` CLI binary |\n| `openai_platform` | API Key | OpenAI API direct |\n| `openai_oauth` | OAuth (browser) | Browser-based authentication |\n| `ollama` | None (local) | Self-hosted models |\n| `litellm` | Proxy URL | Multi-provider proxy |\n\n### Recommended Models\n\n| Provider | Model | Strengths |\n|----------|-------|-----------|\n| Anthropic | `claude-sonnet-4-6` | Strong code analysis, extended thinking |\n| OpenAI | `gpt-5.3-codex` | Fast, good general analysis |\n| Ollama | `qwen2.5-coder:32b` | Local, no API key needed |\n\n## Using the Semantic Graph\n\nThe Semantic Graph tab provides a knowledge graph of the binary:\n\n1. **ReIndex Binary** — Extracts function structure, call graph, and cross-references\n2. **Semantic Analysis** — Generates LLM summaries for each function\n3. **Security Analysis** — Detects vulnerability patterns and security-relevant APIs\n4. **Network Flow** — Tracks network operations across the call graph\n5. **Community Detection** — Groups related functions into modules\n\nExplore the graph via the **List View** (callers, callees, edges, flags), **Visual Graph** (interactive node diagram with N-hop expansion), or **Search** (7 query types including semantic search, similar functions, and call context).\n\n## Context Menu Actions\n\nRight-click in any Disassembly or Pseudocode view to access:\n\n| Action | Hotkey | Effect |\n|--------|--------|--------|\n| Explain Function | `Ctrl+Shift+E` | Opens Explain tab and generates explanation |\n| Ask About Selection | `Ctrl+Shift+Q` | Opens Query tab with `#func` context |\n| Rename Suggestions | — | Opens Actions tab and generates suggestions |\n\n## Requirements\n\n- **IDA Pro 9.0+** with Python 3 and PySide6\n- **Hex-Rays Decompiler** (recommended for pseudocode features)\n- Python packages listed in `requirements.txt`\n\n## Documentation\n\n- [Documentation Index](docs/index.md)\n- [Getting Started](docs/getting-started.md)\n- Tab References: [Explain](docs/tabs/explain-tab.md) | [Query](docs/tabs/query-tab.md) | [Actions](docs/tabs/actions-tab.md) | [Semantic Graph](docs/tabs/semantic-graph-tab.md) | [RAG](docs/tabs/rag-tab.md) | [Settings](docs/tabs/settings-tab.md)\n- Workflows: [Explain](docs/workflows/explain-workflow.md) | [Query](docs/workflows/query-workflow.md) | [Semantic Graph](docs/workflows/semantic-graph-workflow.md)\n\n## Homepage\n\n[https://symgraph.ai](https://symgraph.ai)\n\n## License\n\nSee LICENSE file for details.\n","funding_links":[],"categories":["Defense \u0026 Security Controls"],"sub_categories":["AI-Assisted Defensive Security"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsymgraph%2FIDAssist","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsymgraph%2FIDAssist","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsymgraph%2FIDAssist/lists"}