IDA 常用插件及资源

Keypatch 可以直接修改二进制代码的插件

链接:https://github.com/keystone-engine/keypatch

安装:

1、 下载Keypatch.py复制到插件目录

IDA 7.0\plugins\Keypatch.py

2、 下载安装keystone python模块,64位系统只需要安装这一个就行(https://github.com/keystone-engine/keystone/releases)

https://github.com/keystone-engine/keystone/releases/download/0.9.1/keystone-0.9.1-python-win64.msi

 

findcrypt-yara 找加密方式的插件

链接:https://github.com/polymorf/findcrypt-yara

安装:

1、 安装yara-python,最简单的方式是使用:pip install yara-python

yara-python地址:https://github.com/VirusTotal/yara-python

2、 下载findcrypt.py复制到插件目录

IDA 7.0\plugins\findcrypt3.rules

IDA 7.0\plugins\findcrypt3.py

 

HexRaysCodeXplorer https://github.com/fjh658/HexRaysCodeXplorer

 

IDA2PAT_Reloaded https://github.com/flowercodec/IDA2PAT_Reloaded

 

配色:colors.zip