https://github.com/droe/hopper-scripts

Scripts for Hopper Disassembler
https://github.com/droe/hopper-scripts

hopper-disassembler reverse-engineering

Last synced: about 2 months ago
JSON representation

Scripts for Hopper Disassembler

• Host: GitHub
• URL: https://github.com/droe/hopper-scripts
• Owner: droe
• License: other
• Created: 2018-12-01T17:50:11.000Z (about 6 years ago)
• Default Branch: master
• Last Pushed: 2024-07-02T18:10:00.000Z (8 months ago)
• Last Synced: 2024-12-10T07:21:47.743Z (2 months ago)
• Topics: hopper-disassembler, reverse-engineering
• Language: Python
• Size: 47.9 KB
• Stars: 47
• Watchers: 4
• Forks: 7
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.md

Awesome Lists containing this project

README

        
# Scripts for Hopper Disassembler

Copyright (C) 2018-2019, 2023-2024, [Daniel Roethlisberger](//daniel.roe.ch/).

## Synopsis

    make install

    # check Scripts menu in Hopper

## Description

Some of my Hopper scripts that are polished and general enough to be

potentially useful to others.  They used to run on Hopper 4 on macOS and

Linux and are slowly being fixed for Hopper 5 and Python 3.

The scripts use a nicer wrapper API around the strictly procedural Hopper

python API, otherwise the scripts are self-contained.

## Scripts

-   **Analyze Shellcode** - detect and annotate typical shellcode patterns:

    known code blocks, call import by hash, and call/pop reg

-   **Annotate Stack Strings in Selection** - annotate plaintext and

    XOR-encrypted stack strings

-   **Annotate Yara Matches** - apply a set of yara rules to the currently

    loaded document and annotate a summary of matching rules as well as each

    string occurence for matching rules

-   **Copy Selection As Python** - copy bytes in current selection to the

    clipboard, in python syntax, with assembly code in comments

-   **Copy Selection As Yara** - copy bytes in current selection to the

    clipboard, in yara syntax, with assembly code in comments

-   **File Offset Here** - add a prefix comment with the file offset at the

    current cursor position

-   **Fix Imports By Ordinal** - rename labels of imported functions by ordinal

    to their actual names

-   **Save Bytes From Here** - carve and save an arbitrarily-sized blob of

    optionally XOR-decrypted bytes from the current cursor position to a file

-   **Save Selection As Bytes** - carve and save an arbitrarily-sized blob of

    optionally XOR-decrypted bytes based on the current selection to a file

## Support

There is no support whatsoever.  No communication except in the form of pull

requests fixing bugs or adding features.  You are on your own.

## License

Source code provided under a 2-clause BSD license.