awesome-ida-x64-olly-plugin
Binary analysis suite
A curated collection of plugins and tools for reverse-engineering binary code using IDA Pro and other disassemblers
A curated list of IDA x64DBG, Ghidra and OllyDBG plugins.
1k stars
45 watching
152 forks
last commit: over 1 year ago Awesome IDA, Ghidra, x64DBG, GDB & OllyDBG plugins / IDA Plugins | |||
| Keypatch | : Friendly assembly-level patching/searching plugin (using multi-arch assembler framework inside) | ||
| Lazy ida | 1,104 | 10 months ago | : Add functionalities such as function return removing, converting data, scanning for string vulnerabilities |
| IDAemu | 553 | about 3 years ago | : Use for emulating code in IDA Pro. It is based on unicorn-engine |
| IDA_EA | 415 | almost 8 years ago | : A set of exploitation/reversing aids for IDA |
| Labeless | 516 | over 3 years ago | : System for labels/comments synchronization with a debugger backend |
| Idadiff | 20 | over 8 years ago | : A diffing tool using |
| IDA Skin | 916 | about 6 years ago | : Plugin providing advanced skinning support for IDA Pro utilizing Qt stylesheets, similar to CSS |
| Auto Re | 621 | about 1 year ago | : Auto-renaming dummy-named functions, which have one API call or jump to the imported API |
| IDA IPython | 252 | about 6 years ago | : An IDA Pro Plugin for embedding an IPython |
| IDA Sploiter | 180 | about 6 years ago | : An exploit development and vulnerability research plugin |
| IDATropy | 135 | over 4 years ago | : It is designed to generate charts of entropy and histograms using the power of idapython and matplotlib |
| IDA Patcher | 114 | over 9 years ago | : It is designed to enhance IDA's ability to patch binary files and memory |
| IDAHunt | 381 | almost 2 years ago | : Analyze binaries with IDA Pro and hunt for things in IDA Pro |
| IDA for Delphi | 152 | almost 3 years ago | : IDA Python Script to Get All function names from Event Constructor (VCL) |
| IDA ARM Highlight | 392 | almost 4 years ago | : Highlighting and decoding ARM system instructions |
| BinDiff | : It is a comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code | ||
| Diaphora | 3,686 | 10 months ago | : It is a program diffing plugin for IDA, similar to Zynamics Bindiff |
| Yaco | 316 | about 6 years ago | : Collaborative Reverse-Engineering for IDA |
| IDASignSrch | : It can recognize tons of compression, multimedia and encryption algorithms and many other things like known strings and anti-debugging code | ||
| Findcrypt2 | : It searches constants known to be associated with cryptographic algorithm in the code | ||
| Driver Buddy | 352 | over 5 years ago | : It assists with the reverse engineering of Windows kernel drivers |
| Heap Viewer | 739 | about 3 years ago | : Used to examine the glibc heap, focused on exploit development |
| IDAScope | 110 | about 3 years ago | : It consists of multiple tabs, containing functionality to achieve different goals such as fast identification of semantically interesting locations |
| HexRayPytools | 1,426 | about 1 year ago | : Assist in the creation of classes/structures and detection of virtual tables |
| Ponce | 1,502 | about 1 year ago | : Symbolic Execution just one-click away! |
| idenLib.py | 93 | over 6 years ago | : (Library Function Identification ) plugin for |
| J.A.R.V.I.S | 149 | over 2 years ago | A plugin for IDA Pro to assist you with the most common reversing tasks. It integrates with the (J.A.R.V.I.S) tracer |
| golang_loader_assist | 628 | about 5 years ago | : Making GO reversing easier in IDA Pro |
| FindYara | 171 | over 1 year ago | : IDA python plugin to scan binary with yara rules |
| Karta | 864 | over 2 years ago | : Source code assisted fast binary matching plugin for IDA |
| VT-IDA-PLUGIN | 155 | over 1 year ago | : This plugin integrates functionality from VirusTotal web services into the IDA Pro's user interface |
| mkYARA | 205 | almost 4 years ago | : mkYARA comes with a IDA plugin to easily create YARA signatures by selecting a set of instructions and choosing one of the mkYARA -> Generate YARA rule options |
| Oregami | 179 | over 2 years ago | : IDA plugins and scripts for analyzing register usage frame |
| IDA_IFL | 426 | 10 months ago | : A small plugin with a goal to provide user-friendly way to navigate between functions and their references |
| xray | 125 | almost 2 years ago | : xray is a plugin for the Hexrays decompiler that both filters and colorizes the textual representation of the decompiler's output based on configurable regular expressions |
| Lighthouse | 2,269 | about 1 year ago | : Lighthouse is a powerful code coverage plugin for IDA Pro and Binary Ninja. As an extension of the leading disassemblers, this plugin enables one to interactively explore code coverage data in new and innovative ways when symbols or source may not be available for a given binary |
| CAPA Explorer | 4,944 | 9 months ago | : Capa explorer is an IDA Pro plugin written in Python that integrates the FLARE team's open-source framework, capa, with IDA |
| Ghida | 781 | over 4 years ago | : GhIDA is an IDA Pro plugin that integrates the Ghidra decompiler in IDA |
| vt-ida-plugin | 155 | over 1 year ago | : This plugin integrates functionality from VirusTotal web services into the IDA Pro's user interface |
| Virtuailor | 1,290 | about 4 years ago | : IDAPython tool for C++ vtables reconstruction |
| ipyda | 745 | 12 months ago | : PyIDA is a python-only solution to add an IPython console to IDA Pro |
| ComIDA | 199 | about 2 years ago | : An IDA Plugin that help during the analysis of modules using COM |
| D810 | : D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation time by modifying IDA Pro microcode | ||
| lumen | 941 | 10 months ago | : A private Lumina server for IDA Pro |
| Hexrays Toolbox | 439 | about 2 years ago | : Hexrays Toolbox is a script for the Hexrays Decompiler which can be used to find code patterns within decompiled code |
| HRDevHelper | 380 | about 1 year ago | : This plugin for the HexRays decompiler creates a graph of a decompiled function's AST using IDA's internal graph viewer |
| dsync | 450 | over 4 years ago | : IDAPython plugin that synchronizes disassembler and decompiler views |
| IDACyber | 288 | almost 3 years ago | : IDACyber is an interactive data visualization plugin for IDA Pro. It consists of external "color filters" that transform raw data bytes into a canvas that can be used to inspect and navigate data interactively |
| abyss | 330 | almost 3 years ago | : Augmentation of postprocess Hexrays decompiler output |
| genmc | 234 | almost 3 years ago | : genmc is an IDAPython script/plugin hybrid that displays Hexrays decompiler microcode, which can help in developing microcode plugins |
| ida-minsc | 320 | 9 months ago | : IDA-minsc is a plugin for IDA Pro that assists a user with scripting the IDAPython plugin that is bundled with the disassembler |
| Bip | 189 | over 3 years ago | : Bip is a project which aims to simplify the usage of python for interacting with IDA. Its main goals are to facilitate the usage of python in the interactive console of IDA and the writing of plugins |
| FIDL | 449 | over 2 years ago | : This is a set of utilities wrapping the decompiler API into something sane. This code focus on vulnerability research and bug hunting |
| flare-emu | 802 | 11 months ago | : flare-emu marries a supported binary analysis framework, such as IDA Pro or Radare2, with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks |
| CTO (Call Tree Overviewer) | 328 | 9 months ago | : CTO (Call Tree Overviewer) is an IDA plugin for creating a simple and efficiant function call tree graph. It can also summarize function information such as internal function calls, API calls, static linked library function calls, unresolved function calls, string references, structure member accesses, specific comments |
| HashDB | 298 | 11 months ago | : Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service |
| deREferencing | 565 | 9 months ago | : deReferencing is an IDA Pro plugin that implements new registers and stack views. Adds dereferenced pointers, colors and other useful information, similar to some GDB plugins (e.g: PEDA, GEF, pwndbg, etc) |
| syms2elf | 200 | about 3 years ago | : The plugin export the symbols (for the moment only functions) recognized by IDA Pro and radare2 to the ELF symbol table |
| retdec-idaplugin | 765 | over 1 year ago | : RetDec plugin for IDA (Interactive Disassembler). The plugin comes at both 32-bit and 64-bit address space variants (both are 64-bit binaries) |
| VMAttack | 816 | almost 8 years ago | : IDA Pro Plugin for static and dynamic virtualization-based packed analysis and deobfuscation |
| BinCAT | 1,706 | 11 months ago | : Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection |
| ttddbg - Time Travel Debugging IDA plugin | 553 | about 1 year ago | : This plugin adds a new debugger to IDA which supports loading Time Travel Debugging traces generated using WinDBG Preview |
| IDA Plugin List | : An additional list that contains multiple IDA plugin | ||
| Gepetto | 2,883 | 10 months ago | : Gepetto is a Python script which uses OpenAI's ChatGPT to provide meaning to functions decompiled by IDA Pro |
| DAILA | 566 | 9 months ago | : A decompiler-unified plugin for accessing the OpenAI API to improve your decompilation experience |
| VulChatGPT | 353 | over 2 years ago | : Use IDA PRO HexRays decompiler with OpenAI(ChatGPT) to find possible vulnerabilities in binaries |
| gooMBA | 587 | about 2 years ago | : gooMBA is a Hex-Rays Decompiler plugin to simplify Mixed Boolean-Arithmetic (MBA) expressions |
| NOP_Plugin | 14 | over 1 year ago | : Plugin for NOPing instructions in IDA |
| Copilot for IDA Pro | 149 | almost 2 years ago | : ChatGPT Agent analyses your IDA pseudocode |
Awesome IDA, Ghidra, x64DBG, GDB & OllyDBG plugins / Ghidra Plugins | |||
| Ghidra Scripts | 471 | over 4 years ago | : Port of devttyS0's IDA plugins to the Ghidra plugin framework, new plugins as well |
| Ghidra Scripts 2 | 91 | over 1 year ago | : Ghidra script for malware analysis |
| Findcrypt | 525 | about 2 years ago | : IDA Pro's FindCrypt ported to Ghidra, with an updated and customizable signature database |
| Lazy Ghidra | 139 | about 5 years ago | : Make your Ghidra Lazy |
| Pcode Emulator | 106 | over 4 years ago | : A PCode Emulator for Ghidra |
| dragondance | 288 | about 1 year ago | : Dragon Dance is a plugin for Ghidra to get visualize and manipulate the binary code coverage data |
| ghidra_nodejs | 339 | over 4 years ago | : Ghidra plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries |
| cantordust | 351 | over 1 year ago | : CantorDust is a binary visulization tool used to aid reverse engineering efforts. It allows humans to utilize their superior visual pattern recognition to identify patterns in binary data |
| ghidra-findcrypt | 248 | about 2 years ago | : Ghidra analysis plugin to locate cryptographic constants (This is a re-write of another Ghidra FindCrypt script as an auto analysis module) |
| Awesome Ghidra | 1,188 | almost 4 years ago | : A list of additionnal Ghidra plugins |
| Ghidrathon | 707 | over 1 year ago | : Ghidrathon is a Ghidra extension that adds Python 3 scripting capabilities to Ghidra |
| GptHidra | 354 | almost 2 years ago | : GptHidra is a Ghidra plugin that uses the OpenAI Chat GPT to explain functions. With GptHidra, you can easily understand the purpose and behavior of functions in your codebase |
| Replica | 289 | over 5 years ago | : Ghidra Analysis Enhancer - Automatically enhance Ghidra's auto analysis with additional scripts and features |
| AskJOE | 121 | about 1 year ago | : AskJoe is a tool that utilizes OpenAI to assist researchers wanting to use Ghidra as their malware analysis tool |
Awesome IDA, Ghidra, x64DBG, GDB & OllyDBG plugins / x64dbg Plugins | |||
| Checksec | 126 | over 8 years ago | : x64dbg plugin to check security settings |
| ClawSearch | 275 | almost 3 years ago | : A memory scanner plugin for x64dbg, inspired by Cheat Engine |
| x64DBGPYLIB | 51 | about 6 years ago | : Port of windbglib to x64dbgpy, in an effort to support mona.py in x64dbg |
| xAnalyzer | 1,035 | almost 4 years ago | : It is capable of doing various types of analysis over the static code of the debugged application to give more extra information to the user |
| x64DBGIDA | 469 | 12 months ago | : Official x64dbg plugin for IDA Pro |
| x64dbg Dark Theme | 30 | over 6 years ago | : Simple dark theme |
| X64DBG YaraGen | 35 | about 8 years ago | : Generate Yara rules from function basic blocks |
| Diff | 31 | over 4 years ago | : Very simple plugin to diff a section in memory with a file |
| Unpacking Script | 507 | about 1 year ago | : Unpacking script for x64dbg |
| Anti Anti | 194 | over 8 years ago | : Open-source user-mode Anti-Anti-Debug plugin |
| ScyllaHide | 3,509 | over 1 year ago | : |
| Highlightfish | 20 | about 8 years ago | : Plugin to customize x64dbg |
| TitanHide | 2,133 | over 1 year ago | : It is a driver intended to hide debuggers from certain processes |
| idenLibX | 41 | over 6 years ago | : (Library Function Identification ) plugin for / |
| Official x64dbg plugins | 45,012 | 9 months ago | : Official repository of the x64dbg debugger plugins |
| x64dbgpy | 1,469 | over 2 years ago | : Automating x64dbg using Python, Snapshots |
| Multiline Ultimate Assembler | : A multiline (and ultimate) assembler (and disassembler) plugin for x64dbg and OllyDbg. A perfect tool for modifying and extending a compiled executable functionality | ||
Awesome IDA, Ghidra, x64DBG, GDB & OllyDBG plugins / OllyDBG Plugins | |||
| OllyDumpEx | : This plugin is process memory dumper for OllyDbg | ||
| OllyDeobfuscator | : Deobfuscator for Olly | ||
| Phantom | : Anti anti-debug trick | ||
| TLSCatch 0.3 | : This plugin simply intercepts any new module loaded into the current process address space, searches it for TLS callbacks | ||
| AnalyzeThis | : Assisting for unpacking | ||
| Multiline Ultimate Assembler | : A multiline (and ultimate) assembler (and disassembler) plugin for x64dbg and OllyDbg. A perfect tool for modifying and extending a compiled executable functionality | ||
Awesome IDA, Ghidra, x64DBG, GDB & OllyDBG plugins / GDB Plugins | |||
| GEF | 7,088 | 9 months ago | : GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers |
| pwndbg | 7,760 | 9 months ago | : Pwndbg is a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers |
| Voltron | 6,181 | about 1 year ago | : Voltron is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB and WinDbg) |
| gdbghidra | 307 | almost 6 years ago | : gdbghidra - a visual bridge between a GDB session and GHIDRA |
| angrgdb | 199 | about 5 years ago | : Use angr inside GDB. Create an angr state from the current debugger state |