Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/0x00ach/idadiff
IDAPython script in order to auto-rename subs
https://github.com/0x00ach/idadiff
Last synced: 3 months ago
JSON representation
IDAPython script in order to auto-rename subs
- Host: GitHub
- URL: https://github.com/0x00ach/idadiff
- Owner: 0x00ach
- License: gpl-3.0
- Created: 2017-02-13T09:05:01.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2017-05-17T09:52:23.000Z (about 7 years ago)
- Last Synced: 2024-01-22T14:59:16.541Z (5 months ago)
- Language: Python
- Size: 13.7 KB
- Stars: 20
- Watchers: 5
- Forks: 4
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Lists
- awesome-ida-x64-olly-plugin - Idadiff - FR/polichombr/blob/dev/docs/MACHOC_HASH.md). (IDA Plugins)
- awesome-ida - **14**星 - FR/polichombr)算法创建二进制文件的CFG Hash,与其他样本对比。如果发现1-1关系,则重命名 (<a id="02088f4884be6c9effb0f1e9a3795e58"></a>签名(FLIRT等)&&比较(Diff)&&匹配 / <a id="161e5a3437461dc8959cc923e6a18ef7"></a>Diff&&Match工具)
- awesome-ida-x64-olly-plugin - Idadiff - FR/polichombr/blob/dev/docs/MACHOC_HASH.md). (IDA Plugins)
README
# idadiff
IDAPython script in order to auto-rename sub.
The script uses the @Heurs MACHOC algorithm (https://github.com/ANSSI-FR/polichombr) in order to build tiny CFG hashes of a source binary sample in IDA PRO. These hashes may be compared against the ones in the destination binary sample. If a 1-1 relationship is found, the sub is renamed.
TODO:
- code cleaning;
- N grams (3 and 5);
- use a %temp% or /tmp file to share the hashes;
- other methods.