https://github.com/still34/idascope7

Fork of simpliFiRE.IDAscope; updated to be compatible with IDA 7.x
https://github.com/still34/idascope7

ida-plugin ida-pro idapython

Last synced: 7 months ago
JSON representation

Fork of simpliFiRE.IDAscope; updated to be compatible with IDA 7.x

• Host: GitHub
• URL: https://github.com/still34/idascope7
• Owner: Still34
• Created: 2020-10-28T14:57:25.000Z (over 5 years ago)
• Default Branch: patches/ida7-migration
• Last Pushed: 2021-01-27T12:52:11.000Z (about 5 years ago)
• Last Synced: 2025-07-20T06:57:01.876Z (7 months ago)
• Topics: ida-plugin, ida-pro, idapython
• Language: Python
• Homepage: https://bitbucket.org/daniel_plohmann/simplifire.idascope/src/master/
• Size: 3.34 MB
• Stars: 5
• Watchers: 2
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
simpliFiRE.IDAscope - An IDA Pro extension for easier (malware) reverse engineering

===================================================================================

Description

-----------

**Note:** This is an updated version of Daniel Plohmann's [excellent work](https://bitbucket.org/daniel_plohmann/simplifire.idascope/src/master/). This version should be *mostly* compatible with the latest IDA Pro. I couldn't open a PR on BitBucket for some reason, so I'm establishing this fork on GitHub instead. There was no license file included with the original repo, so I won't include a new one here.

IDAscope is an IDA Pro extension with the goal to ease the task of (malware) reverse engineering with a current focus on x86 Windows. It consists of multiple tabs, containing functionality to achieve different goals such as fast identification of semantically interesting locations in the analysis target, seamless access to MSDN documentation of Windows API, and finding of potential crypto/compression algorithms.

Instructions

------------

Go to  and download a release package or check out the repository for the latest version of IDAscope.

Basic installation is easy: unzipping the package in a location where it can be reached from IDA Pro is enough. To use the extension, simply run `IDAscope.py` from the root directory via IDA Pro's "File / Script File".

To make the MSDN database to the WinAPI browser available, follow the steps described in `IDAscope/documentation/manual.html`.

Final Words

-----------

IDAscope has functionality (annotation, coloring, code conversion, ...) that can alter your IDB. While it should normally not happen, we cannot guarantee that it will not break the IDB of your analysis target. Therefore, we recommend making backups before using it. By using this tool, we assume that you know what you are doing and you accept that you are using it on your own risk. As stated in the license, we will not take liability for any damage caused by this tool.