search

Mizari / phrank

Tool that automates some useful structure routines in IDA PRO
MIT License
74 stars 4 forks source link
hacking hacking-tool hexrays hexrays-decompiler idapro idapython reverse-engineering

readme

Post HexRays ANalysis Kit

About

Phrank helps with structure analysis and function pointers. Phrank works on top of HexRays ctrees.

Installation

1) Copy/link phrank_plugin.py to IDAPRO/plugins/ 2) Copy/link pyphrank and phrank.py to IDAPRO/python/3/ folder

Capabilities

1) Analyze pointer variable: automatically calculate pointed structure size, create new structure and set variable type

2) Analyze C++ classes with multiple inheritance: detect multiple inheritance among C++ classses, detect virtual tables, create structures for virtual tables, detect and set C++ objects in functions

How to use

There are currently two ways to use phrank: hotkey actions (described here and in comments here) and phrank api (described in docstring comments here).