danielplohmann / apiscout

This project aims at simplifying Windows API import recovery on arbitrary memory dumps
BSD 2-Clause "Simplified" License

adding function type information during naming of imports #13

Closed FlxP0c closed 5 years ago

FlxP0c commented 5 years ago

In your talk in Bochum last week, you said Apiscout is not yet setting the type information of the identified APIs in IDA. This PR should help. I tested it successfully with IDA 6.9 and 7.2.

I'm not too happy about always importing the two Type Libraries (wdk8_um and mssdk_win7), but it helps IDA in identifying the types of the named Imports, and it is a prerequisite for setting the type information on the Xrefs.

Hope that helps. :)

danielplohmann commented 5 years ago

Thank you so much! That's super cool and very helpful!