https://github.com/shazar14/idadump
An IDA Pro script to verify binaries found in a sample and write them to disk
- Host: GitHub
- URL: https://github.com/shazar14/idadump
- Owner: shazar14
- License: mit
- Created: 2017-07-25T23:17:32.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2017-07-25T23:37:33.000Z (over 7 years ago)
- Last Synced: 2024-08-03T10:01:36.240Z (3 months ago)
- Language: C++
- Homepage:
- Size: 183 KB
- Stars: 9
- Watchers: 4
- Forks: 3
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
## IDAdump

The purpose of this script is to verify the presence of a PE file in an IDA DB,
correctly calculate the size from the PE header, and write the file to disk.

### Note

This script was written on Carbon Black time. Thank you for the time and
support to write something I've been meaning to write for some time.

## Usage

Open the file in IDA Pro. Point the cursor at the `M` (or `0x4D`) in the IDA DB and run this script.

![Point to M](/images/usage1.png?raw=true "Step 1")

Select File->Script File... and select idadump_mz.py.

For testing, I have provided binaries that contain an embedded binary inline as well as a binary in the .rsrc section.
Here are the results of both being dumped to disk:

![Output](/images/usage2.png?raw=true "Result 1")
![Output](/images/usage3.png?raw=true "Result 2")
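The verify-then-size step described above, as an added standalone example that is not the code of idadump_mz.py: it works on a plain byte buffer instead of the IDA API, and it assumes the size is taken as the end of the last section's raw data (overlay data and an appended certificate table are ignored). The names `pe_size_at`, `carve` and `build_sample_pe` are hypothetical, and the sample PE is constructed.

```python
import struct

def pe_size_at(buf, off):
    """On-disk size of the PE file starting at buf[off], or None if headers fail to validate."""
    if buf[off:off + 2] != b"MZ" or off + 0x40 > len(buf):
        return None
    (e_lfanew,) = struct.unpack_from("<I", buf, off + 0x3C)
    nt = off + e_lfanew                      # start of the NT headers
    if nt + 24 > len(buf) or buf[nt:nt + 4] != b"PE\0\0":
        return None                          # "MZ" alone is not enough
    (num_sections,) = struct.unpack_from("<H", buf, nt + 6)
    (opt_size,) = struct.unpack_from("<H", buf, nt + 20)
    opt = nt + 24                            # optional header
    sec = opt + opt_size                     # section table
    if opt_size < 64 or sec + 40 * num_sections > len(buf):
        return None
    (size,) = struct.unpack_from("<I", buf, opt + 60)   # SizeOfHeaders
    for i in range(num_sections):
        # SizeOfRawData and PointerToRawData sit at +16 and +20 in each entry
        raw_size, raw_ptr = struct.unpack_from("<II", buf, sec + 40 * i + 16)
        if raw_size:                         # skip sections with no file data
            size = max(size, raw_ptr + raw_size)
    return size

def carve(buf, off):
    """Bytes of the embedded PE at buf[off], or None if invalid or truncated."""
    size = pe_size_at(buf, off)
    if size is None or off + size > len(buf):
        return None
    return bytes(buf[off:off + size])

def build_sample_pe():
    """Constructed PE-shaped buffer: 0x200 bytes of headers, one 0x200-byte section."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)        # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                     # PE32 magic
    struct.pack_into("<I", opt, 60, 0x200)                    # SizeOfHeaders
    sect = struct.pack("<8sIIII16x", b".text", 0x200, 0x1000, 0x200, 0x200)
    hdr = dos + b"PE\0\0" + coff + bytes(opt) + sect
    return hdr.ljust(0x200, b"\0") + b"\xCC" * 0x200

if __name__ == "__main__":
    pe = build_sample_pe()
    blob = b"\x90" * 0x37 + pe + b"unrelated trailing bytes"   # PE embedded inline
    print(hex(pe_size_at(blob, 0x37)), carve(blob, 0x37) == pe)
```
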