https://github.com/0xdea/augur

Reverse engineering assistant that extracts strings and related pseudo-code from a binary file.
https://github.com/0xdea/augur

ida-plugin ida-pro idalib reverse-engineering vulnerability-research

Last synced: about 1 month ago
JSON representation

Reverse engineering assistant that extracts strings and related pseudo-code from a binary file.

• Host: GitHub
• URL: https://github.com/0xdea/augur
• Owner: 0xdea
• License: mit
• Created: 2024-12-13T07:28:00.000Z (6 months ago)
• Default Branch: master
• Last Pushed: 2025-04-09T08:42:06.000Z (about 2 months ago)
• Last Synced: 2025-04-09T09:37:09.366Z (about 2 months ago)
• Topics: ida-plugin, ida-pro, idalib, reverse-engineering, vulnerability-research
• Language: Rust
• Homepage: https://hex-rays.com/ida-pro
• Size: 79.9 MB
• Stars: 16
• Watchers: 2
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE

Awesome Lists containing this project

• fucking-awesome-rust - 0xdea/augur - Reverse engineering assistant that extracts strings and related pseudo-code from a binary file [](https://github.com/0xdea/augur/actions/workflows/build.yml) (Applications / Security tools)
• awesome-rust - 0xdea/augur - Reverse engineering assistant that extracts strings and related pseudo-code from a binary file [](https://github.com/0xdea/augur/actions/workflows/build.yml) (Applications / Security tools)

README

        
# augur

[![](https://img.shields.io/github/stars/0xdea/augur.svg?style=flat&color=yellow)](https://github.com/0xdea/augur)

[![](https://img.shields.io/crates/v/augur?style=flat&color=green)](https://crates.io/crates/augur)

[![](https://img.shields.io/crates/d/augur?style=flat&color=red)](https://crates.io/crates/augur)

[![](https://img.shields.io/badge/twitter-%400xdea-blue.svg)](https://twitter.com/0xdea)

[![](https://img.shields.io/badge/mastodon-%40raptor-purple.svg)](https://infosec.exchange/@raptor)

[![build](https://github.com/0xdea/augur/actions/workflows/build.yml/badge.svg)](https://github.com/0xdea/augur/actions/workflows/build.yml)

[![doc](https://github.com/0xdea/augur/actions/workflows/doc.yml/badge.svg)](https://github.com/0xdea/augur/actions/workflows/doc.yml)

> "In fact I've actually triggered buffer overflows by just entering my real name."

>

> -- A.

Augur is a blazing fast IDA Pro headless plugin that extracts strings and related pseudo-code from a binary file.

It stores pseudo-code of functions that reference strings in an organized directory tree.

![](https://raw.githubusercontent.com/0xdea/augur/master/.img/screen01.png)

## Features

* Blazing fast, headless user experience courtesy of IDA Pro 9 and Binarly's idalib Rust bindings.

* Support for binary targets for any architecture implemented by IDA Pro's Hex-Rays decompiler.

* Decompilation feature based on the `decompile_to_file` API exported by [haruspex](https://github.com/0xdea/haruspex).

* Pseudo-code of each function that references a specific string is stored in a separate directory.

## Blog post

* 

## See also

* 

* 

* 

* 

## Installing

The easiest way to get the latest release is via [crates.io](https://crates.io/crates/augur):

1. Download, install, and configure IDA Pro (see ).

2. Download and extract the IDA SDK (see ).

3. Install LLVM/Clang (see ).

4. On Linux/macOS, install as follows:

    ```sh

    export IDASDKDIR=/path/to/idasdk

    export IDADIR=/path/to/ida # if not set, the build script will check common locations

    cargo install augur

    ```

   On Windows, instead, use the following commands:

    ```powershell

    $env:LIBCLANG_PATH="\path\to\clang+llvm\bin"

    $env:PATH="\path\to\ida;$env:PATH"

    $env:IDASDKDIR="\path\to\idasdk"

    $env:IDADIR="\path\to\ida" # if not set, the build script will check common locations

    cargo install augur

    ```

## Compiling

Alternatively, you can build from [source](https://github.com/0xdea/augur):

1. Download, install, and configure IDA Pro (see ).

2. Download and extract the IDA SDK (see ).

3. Install LLVM/Clang (see ).

4. On Linux/macOS, compile as follows:

    ```sh

    git clone --depth 1 https://github.com/0xdea/augur

    cd augur

    export IDASDKDIR=/path/to/idasdk # or edit .cargo/config.toml

    export IDADIR=/path/to/ida # if not set, the build script will check common locations

    cargo build --release

    ```

   On Windows, instead, use the following commands:

    ```powershell

    git clone --depth 1 https://github.com/0xdea/augur

    cd augur

    $env:LIBCLANG_PATH="\path\to\clang+llvm\bin"

    $env:PATH="\path\to\ida;$env:PATH"

    $env:IDASDKDIR="\path\to\idasdk"

    $env:IDADIR="\path\to\ida" # if not set, the build script will check common locations

    cargo build --release

    ```

## Usage

1. Make sure IDA Pro is properly configured with a valid license.

2. Run as follows:

    ```sh

    augur 

    ```

3. Find the extracted pseudo-code of each decompiled function in the `binary_file.str` directory, organized by string:

    ```sh

    vim .str

    code .str

    ```

## Compatibility

* IDA Pro 9.0.241217 - Latest compatible: v0.2.3.

* IDA Pro 9.1.250226 - Latest compatible: current version.

*Note: check [idalib](https://github.com/binarly-io/idalib) documentation for additional information.*

## Changelog

* [CHANGELOG.md](CHANGELOG.md)

## TODO

* Integrate with [oneiromancer](https://github.com/0xdea/oneiromancer).

* Allow users to choose to process string cross-references even if decompiler is unavailable.

* Implement functionality similar to .