Discuss Massive Collection of IDA Plugins

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Rake

I'm not your friend
Administrator
Jan 21, 2014
12,497
78,998
2,417
Some notable plugins that I think are useful

Rizzo
This one is cool, good for game haxxing I bet:

devttys0/ida

If you have an IDA database for verion 1.0 of a game with tons of reversed stuff and they release 1.1, this will attempt to find the functions you renamed in 1.0 and find them and rename them in the 1.1 idb automatically

A similar one is: idb2pat - it will generate flirt signatures based on your IDB so you can apply them to the newer version of the binary - fireeye/flare-ida

auto_re
Helps you rename functions based on what library functions they call

a1ext/auto_re

Flirt Signature Database For IDA
Maktm/FLIRTDB

The IDA FLIRT sigs are great, but if you want even more sigs, depending on the binary, use these signature files

For all the x86/x64 signatures place the .sig files in this directory, do not put inside subdirectories
Ida\sig\pc\

How to use them: Using and Making IDA Pro Signatures [Flirt]

Function String Associate

Adds comments for functions based on what strings they access automatically

rcx/IDA7-FunctionStringAssociate

Ida Function Tagger
This IDAPython script tags subroutines according to their use of imported functions
alessandrogario/IDA-Function-Tagger

Some other ones that looked good:

nihilus/functions-plus
danigargu/deREferencing
airbus-seclab/bincat
REhints/HexRaysCodeXplorer
Comsecuris/ida_strcluster
 
Last edited:

Rake

I'm not your friend
Administrator
Jan 21, 2014
12,497
78,998
2,417
This is my new IDA flow:
  1. Setup all FLIRT databases
  2. Rebase to 0
  3. Class informer
  4. Function String Associate
  5. auto_re
  6. Decompile entire binary
I just did this with csgo client.dll and wow, this just made everything way too easy

If you can recommend other plugins that are super helpful please do
 

qiepei

Dank Tier Donator
Sep 4, 2019
4
238
0
This is my new IDA flow:
  1. Setup all FLIRT databases
  2. Rebase to 0
  3. Class informer
  4. Function String Associate
  5. auto_re
  6. Decompile entire binary
I just did this with csgo client.dll and wow, this just made everything way too easy

If you can recommend other plugins that are super helpful please do
think HexRaysPyTools is more useful
 
  • Like
Reactions: Rake

Rake

I'm not your friend
Administrator
Jan 21, 2014
12,497
78,998
2,417
Wow can't believe I never used this before:

IDA Signsrch

IDA Pro plug-in conversion of Luigi Auriemma's signsrch signature matching tool.

Luigi's original signsrch description: "Tool for searching signatures inside files, extremely useful as help in reversing jobs like figuring or having an initial idea of what encryption/- compression algorithm is used for a proprietary protocol or file. It can recognize tons of compression, multimedia and encryption algorithms and many other things like known strings and anti-debugging code which can be also manually added since it's all based on a text signature file read at runtime and easy to modify."
 
  • Like
Reactions: Catbert
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods