GitHub - idkwim/IDACompare: IDA disassembly level diffing tool, find patches and modifications between malware variants. See mydoom A/B sample database and video trainer for usage.

idkwim / IDACompare Public

Notifications You must be signed in to change notification settings
Fork 0
Star 0

IDA disassembly level diffing tool, find patches and modifications between malware variants. See mydoom A/B sample database and video trainer for usage.

0 stars 0 forks Branches Tags Activity

Star

Notifications

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
WinMerge_Plugin		WinMerge_Plugin
compare		compare
dependancy		dependancy
vb src		vb src
vc src		vc src
.gitattributes		.gitattributes
.gitignore		.gitignore
IDACompare_Setup.exe		IDACompare_Setup.exe
IDA_Compare.plw		IDA_Compare.plw
IdaCompare.dll		IdaCompare.dll
IdaCompare.lib		IdaCompare.lib
README.txt		README.txt
Readme.chm		Readme.chm
blank.mdb		blank.mdb
compare.vbs		compare.vbs
iDefense Labs.url		iDefense Labs.url
ida_compare.exe		ida_compare.exe
install_plw.bat		install_plw.bat
install_script.iss		install_script.iss
mydoom_example.mdb		mydoom_example.mdb
screenShot.png		screenShot.png
signatures.mdb		signatures.mdb
winmerge_test.png		winmerge_test.png

Repository files navigation

Author:    David Zimmer <dzzie@yahoo.com>
License:   GPL
Copyright: Copyright (C) 2005 iDefense.com, A Verisign Company


  IDACompare_Setup.exe will register dependancies and install full source bundle.

Overview:

 IDACompare is a plugin for IDA which is designed to help you
 line up functions across two separate disassemblies. IDACompare
 also contains a signature scanner, where you can save known functions
 and then scan new disassemblies against them looking for key functions.

 It has tools for sequentially renaming matched functions, as well as porting
 user specified names across disassemblies. 

 This plugin has been designed with Malcode analysis in mind. It should
 work equally well for patch analysis.  

 See readme.chm for more details

About

IDA disassembly level diffing tool, find patches and modifications between malware variants. See mydoom A/B sample database and video trainer for usage.

Readme

Activity

0 stars

2 watching

0 forks

Report repository