State-of-the-art binary code analysis tools
With IDA 7.0 switching fully to native x64 architecture, we also switched to the x64 Python which brought some new issues but also exposed some we’ve seen before. This post tries to summarize the most common issues we’ve seen our users encounter as well as suggestions about how to fix them or at […]
Background Contrary to previous versions that shipped with Qt 4.8.4, IDA 6.9 ships with Qt 5.4.1 and as we announced some time ago, this will force some changes for plugin writers who were using IDAPython + PySide in order to build custom interfaces. What’s more, in addition to the Qt4 -> Qt5 switch, we have also […]
Intended audience Plugin writers, either using the C SDK or IDAPython, who would like to add actions/commands to IDA UI in order to augment its capabilities. Rationale: before 6.7 APIs galore Depending on what type of context you were in, various APIs were available to you: Want to add a main menu item? add_menu_item(const char *menupath, const char *name, const char […]
Target audience You may want to read this if you have been writing an IDA C++ plugin, that itself uses the CPython runtime. Prior art In 2010, Elias Bachaalany wrote a blog post about extending IDAPython: http://www.hexblog.com/?p=126 Note that this is not about writing your own plugins in Python. Rather, that blog post instruct on how you may […]
TL;DR If you were using import to import your own “currently-in-development” modules from your IDAPython scripts, you may want to use idaapi.require(), starting with IDA 6.5. Rationale When using IDAPython scripts, users were sometimes facing the following issue Specifically: User loads script Script imports user’s module mymodule Script ends User modifies code of mymodule (Note: the module is modified, not the script) User […]
IDAPython provides wrappers for a big chunk of IDA SDK. Still, there are some APIs that are not wrapped because of SWIG limitations or just because we didn’t get to them yet. Recently, I needed to test the get_loader_name() API which is not available in IDAPython but I didn’t want to write a full plugin […]
In a previous blog post we mentioned that it is possible to use IDA Pro with PySide (Python + Qt) after applying some minor code patches to PySide. For convenience purposes, we precompiled the PySide libraries that work with IDA Pro 6.0+ and Python 2.6/2.7. Below is a brief explanation on […]
In this blog post, we are going to illustrate how to use some of the new UI features introduced in IDA Pro 6.1 (embedded choosers, custom icons, etc…) by writing a VirusTotal reporting and file submission plugin for IDA Pro. The plugin will […]
In this blog post we are going to illustrate how to use the command line interpreter (CLI) interface from Python and how to write a basic command completion functionality for the Python CLI.
Custom viewers can be used to display arbitrary textual information and can be used in any IDA plugin.They are used in IDA-View, Hex-View, Enum and struct views and the Hex-Rays decompiler. In this blog entry we are going to write an ASM file viewer in order to demonstrate how to create a custom viewer and […]