https://github.com/0xdea/augur

Reverse engineering assistant that extracts strings and related pseudo-code from a binary file.
https://github.com/0xdea/augur

ida-plugin ida-pro idalib reverse-engineering vulnerability-research

Last synced: about 1 month ago
JSON representation

Reverse engineering assistant that extracts strings and related pseudo-code from a binary file.

• Host: GitHub
• URL: https://github.com/0xdea/augur
• Owner: 0xdea
• License: mit
• Created: 2024-12-13T07:28:00.000Z (4 months ago)
• Default Branch: master
• Last Pushed: 2025-03-09T13:42:01.000Z (about 1 month ago)
• Last Synced: 2025-03-09T14:26:58.669Z (about 1 month ago)
• Topics: ida-plugin, ida-pro, idalib, reverse-engineering, vulnerability-research
• Language: Rust
• Homepage: https://hex-rays.com/ida-pro
• Size: 70.3 MB
• Stars: 9
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE

Awesome Lists containing this project

• fucking-awesome-rust - 0xdea/augur - Reverse engineering assistant that extracts strings and related pseudo-code from a binary file [](https://github.com/0xdea/augur/actions/workflows/build.yml) (Applications / Security tools)
• awesome-rust - 0xdea/augur - Reverse engineering assistant that extracts strings and related pseudo-code from a binary file [](https://github.com/0xdea/augur/actions/workflows/build.yml) (Applications / Security tools)

README

        
# augur

[![](https://img.shields.io/github/stars/0xdea/augur.svg?style=flat&color=yellow)](https://github.com/0xdea/augur)

[![](https://img.shields.io/crates/v/augur?style=flat&color=green)](https://crates.io/crates/augur)

[![](https://img.shields.io/crates/d/augur?style=flat&color=red)](https://crates.io/crates/augur)

[![](https://img.shields.io/badge/twitter-%400xdea-blue.svg)](https://twitter.com/0xdea)

[![](https://img.shields.io/badge/mastodon-%40raptor-purple.svg)](https://infosec.exchange/@raptor)

[![build](https://github.com/0xdea/augur/actions/workflows/build.yml/badge.svg)](https://github.com/0xdea/augur/actions/workflows/build.yml)

[![doc](https://github.com/0xdea/augur/actions/workflows/doc.yml/badge.svg)](https://github.com/0xdea/augur/actions/workflows/doc.yml)

> "In fact I've actually triggered buffer overflows by just entering my real name."

>

> -- A.

Augur is a blazing fast IDA Pro headless plugin that extracts strings and related pseudo-code from a binary file.

It stores pseudo-code of functions that reference strings in an organized directory tree.

![](https://raw.githubusercontent.com/0xdea/augur/master/.img/screen01.png)

## Features

* Blazing fast, headless user experience courtesy of IDA Pro 9 and Binarly's idalib Rust bindings.

* Support for binary targets for any architecture implemented by IDA Pro's Hex-Rays decompiler.

* Decompilation feature based on the `decompile_to_file` API exported by [haruspex](https://github.com/0xdea/haruspex).

* Pseudo-code of each function that references a specific string is stored in a separate directory.

## Blog post

* 

## See also

* 

* 

* 

* 

## Installing

The easiest way to get the latest release is via [crates.io](https://crates.io/crates/augur):

1. Download, install, and configure IDA Pro (see ).

2. Download and extract the IDA SDK (see ).

3. Install augur as follows:

    ```sh

    $ export IDASDKDIR=/path/to/idasdk

    $ export IDADIR=/path/to/ida # if not set, the build script will check common locations

    $ cargo install augur

    ```

*Note: in addition to the latest IDA SDK and IDA Pro itself, a recent version of LLVM/Clang is required

(see [idalib](https://github.com/binarly-io/idalib) documentation).*

## Compiling

Alternatively, you can build from [source](https://github.com/0xdea/augur):

1. Download, install, and configure IDA Pro (see ).

2. Download and extract the IDA SDK (see ).

3. Compile augur as follows:

    ```sh

    $ git clone --depth 1 https://github.com/0xdea/augur

    $ cd augur

    $ export IDASDKDIR=/path/to/idasdk # or edit .cargo/config.toml

    $ export IDADIR=/path/to/ida # if not set, the build script will check common locations

    $ cargo build --release

    ```

*Note: in addition to the latest IDA SDK and IDA Pro itself, a recent version of LLVM/Clang is required

(see [idalib](https://github.com/binarly-io/idalib) documentation).*

## Usage

1. Make sure IDA Pro is properly configured with a valid license.

2. Run augur as follows:

    ```sh

    $ augur 

    ```

3. Find the extracted pseudo-code of each decompiled function in the `binary_file.str` directory, organized by string:

    ```sh

    $ vim .str

    $ code .str

    ```

## Compatibility

* IDA Pro 9.0.241217 - Latest compatible: v0.2.3.

* IDA Pro 9.1.250226 - Latest compatible: current version.

*Note: only the `unix` target family is currently supported, check [idalib](https://github.com/binarly-io/idalib)

documentation if you're interested in a `windows` port.*

## Changelog

* [CHANGELOG.md](CHANGELOG.md)

## TODO

* Implement support for the `windows` target family.

* Integrate with [oneiromancer](https://github.com/0xdea/oneiromancer).

* Allow users to choose to process string cross-references even if decompiler is unavailable.

* Implement functionality similar to .