awesome-ida-x64-olly-plugin
Binary analysis suite
A curated collection of plugins and tools for reverse-engineering binary code using IDA Pro and other disassemblers
A curated list of IDA x64DBG, Ghidra and OllyDBG plugins.
1k stars
45 watching
152 forks
last commit: 6 months ago Awesome IDA, Ghidra, x64DBG, GDB & OllyDBG plugins / IDA Plugins | |||
| Keypatch | : Friendly assembly-level patching/searching plugin (using multi-arch assembler framework inside) | ||
| Lazy ida | 1,092 | 11 days ago | : Add functionalities such as function return removing, converting data, scanning for string vulnerabilities |
| IDAemu | 551 | over 2 years ago | : Use for emulating code in IDA Pro. It is based on unicorn-engine |
| IDA_EA | 415 | almost 7 years ago | : A set of exploitation/reversing aids for IDA |
| Labeless | 515 | over 2 years ago | : System for labels/comments synchronization with a debugger backend |
| Idadiff | 20 | over 7 years ago | : A diffing tool using |
| IDA Skin | 914 | over 5 years ago | : Plugin providing advanced skinning support for IDA Pro utilizing Qt stylesheets, similar to CSS |
| Auto Re | 612 | 3 months ago | : Auto-renaming dummy-named functions, which have one API call or jump to the imported API |
| IDA IPython | 252 | over 5 years ago | : An IDA Pro Plugin for embedding an IPython |
| IDA Sploiter | 180 | over 5 years ago | : An exploit development and vulnerability research plugin |
| IDATropy | 135 | over 3 years ago | : It is designed to generate charts of entropy and histograms using the power of idapython and matplotlib |
| IDA Patcher | 113 | over 8 years ago | : It is designed to enhance IDA's ability to patch binary files and memory |
| IDAHunt | 376 | about 1 year ago | : Analyze binaries with IDA Pro and hunt for things in IDA Pro |
| IDA for Delphi | 153 | almost 2 years ago | : IDA Python Script to Get All function names from Event Constructor (VCL) |
| IDA ARM Highlight | 390 | about 3 years ago | : Highlighting and decoding ARM system instructions |
| BinDiff | : It is a comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code | ||
| Diaphora | 3,659 | 2 months ago | : It is a program diffing plugin for IDA, similar to Zynamics Bindiff |
| Yaco | 314 | over 5 years ago | : Collaborative Reverse-Engineering for IDA |
| IDASignSrch | : It can recognize tons of compression, multimedia and encryption algorithms and many other things like known strings and anti-debugging code | ||
| Findcrypt2 | : It searches constants known to be associated with cryptographic algorithm in the code | ||
| Driver Buddy | 352 | almost 5 years ago | : It assists with the reverse engineering of Windows kernel drivers |
| Heap Viewer | 737 | over 2 years ago | : Used to examine the glibc heap, focused on exploit development |
| IDAScope | 110 | over 2 years ago | : It consists of multiple tabs, containing functionality to achieve different goals such as fast identification of semantically interesting locations |
| HexRayPytools | 1,420 | 3 months ago | : Assist in the creation of classes/structures and detection of virtual tables |
| Ponce | 1,499 | 3 months ago | : Symbolic Execution just one-click away! |
| idenLib.py | 93 | over 5 years ago | : (Library Function Identification ) plugin for |
| J.A.R.V.I.S | 149 | over 1 year ago | A plugin for IDA Pro to assist you with the most common reversing tasks. It integrates with the (J.A.R.V.I.S) tracer |
| golang_loader_assist | 628 | over 4 years ago | : Making GO reversing easier in IDA Pro |
| FindYara | 171 | 10 months ago | : IDA python plugin to scan binary with yara rules |
| Karta | 864 | over 1 year ago | : Source code assisted fast binary matching plugin for IDA |
| VT-IDA-PLUGIN | 155 | 11 months ago | : This plugin integrates functionality from VirusTotal web services into the IDA Pro's user interface |
| mkYARA | 203 | about 3 years ago | : mkYARA comes with a IDA plugin to easily create YARA signatures by selecting a set of instructions and choosing one of the mkYARA -> Generate YARA rule options |
| Oregami | 179 | over 1 year ago | : IDA plugins and scripts for analyzing register usage frame |
| IDA_IFL | 424 | 23 days ago | : A small plugin with a goal to provide user-friendly way to navigate between functions and their references |
| xray | 125 | 12 months ago | : xray is a plugin for the Hexrays decompiler that both filters and colorizes the textual representation of the decompiler's output based on configurable regular expressions |
| Lighthouse | 2,255 | 4 months ago | : Lighthouse is a powerful code coverage plugin for IDA Pro and Binary Ninja. As an extension of the leading disassemblers, this plugin enables one to interactively explore code coverage data in new and innovative ways when symbols or source may not be available for a given binary |
| CAPA Explorer | 4,885 | 3 days ago | : Capa explorer is an IDA Pro plugin written in Python that integrates the FLARE team's open-source framework, capa, with IDA |
| Ghida | 779 | almost 4 years ago | : GhIDA is an IDA Pro plugin that integrates the Ghidra decompiler in IDA |
| vt-ida-plugin | 155 | 11 months ago | : This plugin integrates functionality from VirusTotal web services into the IDA Pro's user interface |
| Virtuailor | 1,273 | over 3 years ago | : IDAPython tool for C++ vtables reconstruction |
| ipyda | 730 | 2 months ago | : PyIDA is a python-only solution to add an IPython console to IDA Pro |
| ComIDA | 198 | over 1 year ago | : An IDA Plugin that help during the analysis of modules using COM |
| D810 | : D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation time by modifying IDA Pro microcode | ||
| lumen | 931 | 21 days ago | : A private Lumina server for IDA Pro |
| Hexrays Toolbox | 438 | over 1 year ago | : Hexrays Toolbox is a script for the Hexrays Decompiler which can be used to find code patterns within decompiled code |
| HRDevHelper | 375 | 3 months ago | : This plugin for the HexRays decompiler creates a graph of a decompiled function's AST using IDA's internal graph viewer |
| dsync | 449 | almost 4 years ago | : IDAPython plugin that synchronizes disassembler and decompiler views |
| IDACyber | 287 | almost 2 years ago | : IDACyber is an interactive data visualization plugin for IDA Pro. It consists of external "color filters" that transform raw data bytes into a canvas that can be used to inspect and navigate data interactively |
| abyss | 329 | about 2 years ago | : Augmentation of postprocess Hexrays decompiler output |
| genmc | 231 | about 2 years ago | : genmc is an IDAPython script/plugin hybrid that displays Hexrays decompiler microcode, which can help in developing microcode plugins |
| ida-minsc | 319 | about 2 months ago | : IDA-minsc is a plugin for IDA Pro that assists a user with scripting the IDAPython plugin that is bundled with the disassembler |
| Bip | 189 | over 2 years ago | : Bip is a project which aims to simplify the usage of python for interacting with IDA. Its main goals are to facilitate the usage of python in the interactive console of IDA and the writing of plugins |
| FIDL | 450 | over 1 year ago | : This is a set of utilities wrapping the decompiler API into something sane. This code focus on vulnerability research and bug hunting |
| flare-emu | 797 | 26 days ago | : flare-emu marries a supported binary analysis framework, such as IDA Pro or Radare2, with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks |
| CTO (Call Tree Overviewer) | 324 | about 2 months ago | : CTO (Call Tree Overviewer) is an IDA plugin for creating a simple and efficiant function call tree graph. It can also summarize function information such as internal function calls, API calls, static linked library function calls, unresolved function calls, string references, structure member accesses, specific comments |
| HashDB | 296 | about 1 month ago | : Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service |
| deREferencing | 560 | about 1 month ago | : deReferencing is an IDA Pro plugin that implements new registers and stack views. Adds dereferenced pointers, colors and other useful information, similar to some GDB plugins (e.g: PEDA, GEF, pwndbg, etc) |
| syms2elf | 199 | over 2 years ago | : The plugin export the symbols (for the moment only functions) recognized by IDA Pro and radare2 to the ELF symbol table |
| retdec-idaplugin | 762 | 9 months ago | : RetDec plugin for IDA (Interactive Disassembler). The plugin comes at both 32-bit and 64-bit address space variants (both are 64-bit binaries) |
| VMAttack | 813 | almost 7 years ago | : IDA Pro Plugin for static and dynamic virtualization-based packed analysis and deobfuscation |
| BinCAT | 1,691 | about 2 months ago | : Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection |
| ttddbg - Time Travel Debugging IDA plugin | 553 | 5 months ago | : This plugin adds a new debugger to IDA which supports loading Time Travel Debugging traces generated using WinDBG Preview |
| IDA Plugin List | : An additional list that contains multiple IDA plugin | ||
| Gepetto | 2,853 | 2 months ago | : Gepetto is a Python script which uses OpenAI's ChatGPT to provide meaning to functions decompiled by IDA Pro |
| DAILA | 556 | 9 days ago | : A decompiler-unified plugin for accessing the OpenAI API to improve your decompilation experience |
| VulChatGPT | 352 | over 1 year ago | : Use IDA PRO HexRays decompiler with OpenAI(ChatGPT) to find possible vulnerabilities in binaries |
| gooMBA | 581 | over 1 year ago | : gooMBA is a Hex-Rays Decompiler plugin to simplify Mixed Boolean-Arithmetic (MBA) expressions |
| NOP_Plugin | 12 | 7 months ago | : Plugin for NOPing instructions in IDA |
| Copilot for IDA Pro | 143 | about 1 year ago | : ChatGPT Agent analyses your IDA pseudocode |
Awesome IDA, Ghidra, x64DBG, GDB & OllyDBG plugins / Ghidra Plugins | |||
| Ghidra Scripts | 464 | over 3 years ago | : Port of devttyS0's IDA plugins to the Ghidra plugin framework, new plugins as well |
| Ghidra Scripts 2 | 90 | 11 months ago | : Ghidra script for malware analysis |
| Findcrypt | 522 | over 1 year ago | : IDA Pro's FindCrypt ported to Ghidra, with an updated and customizable signature database |
| Lazy Ghidra | 137 | about 4 years ago | : Make your Ghidra Lazy |
| Pcode Emulator | 105 | almost 4 years ago | : A PCode Emulator for Ghidra |
| dragondance | 286 | 5 months ago | : Dragon Dance is a plugin for Ghidra to get visualize and manipulate the binary code coverage data |
| ghidra_nodejs | 337 | over 3 years ago | : Ghidra plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries |
| cantordust | 350 | 11 months ago | : CantorDust is a binary visulization tool used to aid reverse engineering efforts. It allows humans to utilize their superior visual pattern recognition to identify patterns in binary data |
| ghidra-findcrypt | 246 | over 1 year ago | : Ghidra analysis plugin to locate cryptographic constants (This is a re-write of another Ghidra FindCrypt script as an auto analysis module) |
| Awesome Ghidra | 1,174 | about 3 years ago | : A list of additionnal Ghidra plugins |
| Ghidrathon | 698 | 7 months ago | : Ghidrathon is a Ghidra extension that adds Python 3 scripting capabilities to Ghidra |
| GptHidra | 346 | about 1 year ago | : GptHidra is a Ghidra plugin that uses the OpenAI Chat GPT to explain functions. With GptHidra, you can easily understand the purpose and behavior of functions in your codebase |
| Replica | 287 | over 4 years ago | : Ghidra Analysis Enhancer - Automatically enhance Ghidra's auto analysis with additional scripts and features |
| AskJOE | 121 | 4 months ago | : AskJoe is a tool that utilizes OpenAI to assist researchers wanting to use Ghidra as their malware analysis tool |
Awesome IDA, Ghidra, x64DBG, GDB & OllyDBG plugins / x64dbg Plugins | |||
| Checksec | 125 | over 7 years ago | : x64dbg plugin to check security settings |
| ClawSearch | 275 | about 2 years ago | : A memory scanner plugin for x64dbg, inspired by Cheat Engine |
| x64DBGPYLIB | 51 | over 5 years ago | : Port of windbglib to x64dbgpy, in an effort to support mona.py in x64dbg |
| xAnalyzer | 1,017 | about 3 years ago | : It is capable of doing various types of analysis over the static code of the debugged application to give more extra information to the user |
| x64DBGIDA | 461 | about 2 months ago | : Official x64dbg plugin for IDA Pro |
| x64dbg Dark Theme | 30 | over 5 years ago | : Simple dark theme |
| X64DBG YaraGen | 35 | about 7 years ago | : Generate Yara rules from function basic blocks |
| Diff | 31 | almost 4 years ago | : Very simple plugin to diff a section in memory with a file |
| Unpacking Script | 500 | 5 months ago | : Unpacking script for x64dbg |
| Anti Anti | 192 | over 7 years ago | : Open-source user-mode Anti-Anti-Debug plugin |
| ScyllaHide | 3,469 | 6 months ago | : |
| Highlightfish | 20 | about 7 years ago | : Plugin to customize x64dbg |
| TitanHide | 2,120 | 10 months ago | : It is a driver intended to hide debuggers from certain processes |
| idenLibX | 41 | over 5 years ago | : (Library Function Identification ) plugin for / |
| Official x64dbg plugins | 44,804 | about 1 month ago | : Official repository of the x64dbg debugger plugins |
| x64dbgpy | 1,469 | over 1 year ago | : Automating x64dbg using Python, Snapshots |
| Multiline Ultimate Assembler | : A multiline (and ultimate) assembler (and disassembler) plugin for x64dbg and OllyDbg. A perfect tool for modifying and extending a compiled executable functionality | ||
Awesome IDA, Ghidra, x64DBG, GDB & OllyDBG plugins / OllyDBG Plugins | |||
| OllyDumpEx | : This plugin is process memory dumper for OllyDbg | ||
| OllyDeobfuscator | : Deobfuscator for Olly | ||
| Phantom | : Anti anti-debug trick | ||
| TLSCatch 0.3 | : This plugin simply intercepts any new module loaded into the current process address space, searches it for TLS callbacks | ||
| AnalyzeThis | : Assisting for unpacking | ||
| Multiline Ultimate Assembler | : A multiline (and ultimate) assembler (and disassembler) plugin for x64dbg and OllyDbg. A perfect tool for modifying and extending a compiled executable functionality | ||
Awesome IDA, Ghidra, x64DBG, GDB & OllyDBG plugins / GDB Plugins | |||
| GEF | 6,996 | 9 days ago | : GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers |
| pwndbg | 7,629 | 9 days ago | : Pwndbg is a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers |
| Voltron | 6,181 | 5 months ago | : Voltron is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB and WinDbg) |
| gdbghidra | 305 | about 5 years ago | : gdbghidra - a visual bridge between a GDB session and GHIDRA |
| angrgdb | 198 | over 4 years ago | : Use angr inside GDB. Create an angr state from the current debugger state |