IDA EA

A set of exploitation/reversing aids for IDA

Features

Context Viewer

New context viewer for IDA, Features include:

Recursive pointer derfereneces
History browser
Color coded memory
Instruction rewind feature
A similar interface to that of popular GDB plugings (eg. PEDA/GEF)

Instuction Emulator

Live annotate the results if furture instructions in IDA using the Unicorn CPU emulator
Can be hooked to breakpoints
Visualise instructions before execution

Heap Explorer

Explore current heap state of glibc binaries

Trace allocations
Enumerate bins
View all free and allocated chunks headers
Useful for heap exploitation / debugging.

Trace Dumper

Dump the results of an IDA trace into a Pandas Dataframe
Analyze traces in Python using Pandas

CMD

GDB bindings for IDA
GDB style mem queries + searches

Restyle

Restyle IDA using GUI.

Install

Dependencies

No core dependencies for the plugin. Nevertheless certain fetures will be disabled without these python libraries installed:

Trace Dumper

Pandas

Instruction Emulator

Unicorn CPU emulator
Capstone Dissasembler

Install

Place ida_ea folder in IDA Pro directory (C:\Users\{name}\AppData\Roaming\Hex-Rays\IDA Pro on Windows)
Add line from ida_ea import ea_main to your idapythonrc file.
Plugin is accessed via IDA EA tab added to the menu bar

Warning

Only tested on Windows with IDA 6.8
Only supports x86/x86-64 binaries
Alpha release so expect many bugs!

Name	Name	Last commit message	Last commit date
Latest commit 1111joe1111 fixed ea_view x86 reg lookup issue in ida7 Nov 28, 2017 a0c53b6 · Nov 28, 2017 History 75 Commits
screens	screens	0.1a	Oct 17, 2017
ui	ui	added instruction rewind warning	Oct 24, 2017
.gitignore	.gitignore	fixed ea_view x86 reg lookup issue in ida7	Nov 28, 2017
README.md	README.md	reformat	Oct 19, 2017
__init__.py	__init__.py	0.1a	Oct 17, 2017
api_funcs.py	api_funcs.py	Fix compatibility with IDA7 (Qt5)	Oct 23, 2017
arrow.png	arrow.png	0.1a	Oct 17, 2017
chunk_template.html	chunk_template.html	0.1a	Oct 17, 2017
ea_UI.py	ea_UI.py	fixed numerous IDA 7 related bugs	Nov 23, 2017
ea_cmd.py	ea_cmd.py	fixed delay when applying ea view style changes	Nov 12, 2017
ea_emu_client.py	ea_emu_client.py	Fix compatibility with IDA7 (Qt5)	Oct 23, 2017
ea_emu_server.py	ea_emu_server.py	close connection on unrecognized cmd	Oct 23, 2017
ea_heap.py	ea_heap.py	Fix compatibility with IDA7 (Qt5)	Oct 23, 2017
ea_main.py	ea_main.py	fixed incorrect font display with skin applied/added display options …	Oct 24, 2017
ea_read_t.py	ea_read_t.py	Fix compatibility with IDA7 (Qt5)	Oct 23, 2017
ea_skin.py	ea_skin.py	fixed numerous IDA 7 related bugs	Nov 23, 2017
ea_trace.py	ea_trace.py	fixed error when invalid dump directory selected	Oct 24, 2017
ea_utils.py	ea_utils.py	fixed ea_view x86 reg lookup issue in ida7	Nov 28, 2017
ea_view.py	ea_view.py	fixed ea_view x86 reg lookup issue in ida7	Nov 28, 2017
get_offsets.py	get_offsets.py	Fix compatibility with IDA7 (Qt5)	Oct 23, 2017
style_template.css	style_template.css	added instruction rewind warning	Oct 24, 2017

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

IDA EA

Features

Context Viewer

Instuction Emulator

Heap Explorer

Trace Dumper

CMD

Restyle

Install

Dependencies

Trace Dumper

Instruction Emulator

Install

Warning

Enjoy!

About

Releases

Packages

Contributors 2

Languages

1111joe1111/ida_ea

Folders and files

Latest commit

History

Repository files navigation

IDA EA

Features

Context Viewer

Instuction Emulator

Heap Explorer

Trace Dumper

CMD

Restyle

Install

Dependencies

Trace Dumper

Instruction Emulator

Install

Warning

Enjoy!

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

Packages