Plugin Usage Rankings:
1. Hex-Rays
Currently the best decompiler plugin; commercial.
Rating, without a doubt: ★★★★★
2. IDAPython
Download: http://d-dome.net/idapython/
This plugin needs no introduction; IDA Pro 5.4 will formally integrate IDAPython.
Detpdb
Download: http://www.phreedom.org/software/detpdb/
If you have always felt that IDA's built-in symbol download and analysis is not good enough, try this plugin; it takes the worry away :)
MIDA
Download: http://cgi.tenablesecurity.com/tenable/mida.php
Currently the best RPC interface disassembly tool.
PatchDiff2
Download: http://cgi.tenablesecurity.com/tenable/patchdiff.php
Also the best patch comparison tool available (free).

Patch diffing is primarily the analysis and comparison of a program before and after a patch is applied. It may be essential if you want to study what Microsoft's monthly security patches fix: IDA disassembles all functions, and the changes are then traced by comparing them. Some professional security companies may have their own custom-made patch-diffing tools, but most of the time they pick up ready-made ones online.

One example is Zynamics BinDiff, a powerful patch-diffing plugin.
http://www.zynamics.com/bindiff.html
The latest news on the Zynamics home page is that the company has been acquired by Google; the current version is 3.2.1, which is not available for public download. Zynamics BinDiff is commercial, very expensive, and compiled Java; the version that can be found on the Internet is still v2.0.269.
http://rapidshare.com/files/178972616/SABRE-BinDiff--v2.0.269.rar

There are also some free ones, such as these two.

Turbodiff is a free patch-diffing plugin; I am not sure whether it supports IDA 6.1.
http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=tool&name=turbodiff

The other free one that has to be mentioned is PatchDiff2:
http://code.google.com/p/patchdiff2/
PatchDiff2 is similar to Zynamics BinDiff, and the newly compiled 2.0.10 supports IDA 6.1. It also comes in both 32-bit and 64-bit versions, which is very convenient.
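The function-by-function comparison described above, as an added Python example (not code from the original post or from any of the plugins listed). It assumes each build's disassembly has already been exported as a mapping of function name to instruction lines; the listings, the function names and the label-masking rule are constructed for the example, and functions are matched by name only.

```python
import difflib
import hashlib
import re

# IDA auto-labels (loc_401020, sub_401000, ...) embed addresses that shift
# between builds; mask them so relocated-but-identical code is not flagged.
LABEL = re.compile(r"\b(?:loc|sub|off|unk)_[0-9a-f]+\b")

def normalize(insns):
    """Collapse whitespace, lowercase, and mask address-bearing labels."""
    return [LABEL.sub("ADDR", " ".join(i.split()).lower()) for i in insns]

def fingerprint(insns):
    """Hash of the normalized listing; equal hashes mean 'no real change'."""
    return hashlib.sha256("\n".join(normalize(insns)).encode()).hexdigest()

def diff_functions(old, new):
    """old/new map function name -> list of disassembly lines."""
    report = {"added": sorted(new.keys() - old.keys()),
              "removed": sorted(old.keys() - new.keys()),
              "changed": {}}
    for name in sorted(old.keys() & new.keys()):
        if fingerprint(old[name]) == fingerprint(new[name]):
            continue
        delta = difflib.unified_diff(normalize(old[name]), normalize(new[name]),
                                     lineterm="", n=0)
        # Keep only the inserted/deleted instructions, not the diff headers.
        report["changed"][name] = [
            l for l in delta
            if l.startswith(("+", "-")) and not l.startswith(("+++", "---"))]
    return report

# Constructed listings (not from a real binary): pre- and post-patch builds.
OLD = {
    "parse_header": ["mov ecx, [esi+4]", "lea edi, [ebp-40h]", "rep movsb", "retn"],
    "checksum": ["xor eax, eax", "call sub_401000", "jnz loc_401020", "retn"],
}
NEW = {
    "parse_header": ["mov ecx, [esi+4]", "cmp ecx, 40h", "ja loc_402A10",
                     "lea edi, [ebp-40h]", "rep movsb", "retn"],
    "checksum": ["xor eax, eax", "call sub_401800", "jnz loc_401820", "retn"],
    "log_error": ["push ebp", "retn"],
}

if __name__ == "__main__":
    for kind, items in diff_functions(OLD, NEW).items():
        print(kind, items)
```

The relocated `checksum` function is reported as unchanged because only its labels moved, while the length check added to `parse_header` is isolated as the patched code.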
Other lesser-known but useful plugins are listed below:
1. Commentviewer
I am currently trying it out and will share my experience with you later.
Some IDA plugin-related sites are shared below:
http://www.openrce.org/articles/ Highly recommended: it contains very professional articles on reverse-engineering technology and, together with see Snow and Evil binary system, is regarded as one of the strong, professional reverse-engineering websites.
http://old.idapalace.net/plugins.html Once you go a little deeper into IDA, you will have to visit this site; it provides a lot of useful help information about plugins, like a