Skip to content
Python scripts for reverse engineering.
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md
apply_all_signatures.py
color_as_default.py
create_suspended_process.py
find_ARMB_prologue.py
highlight_all_CALLs.py
load_IAT.py
mem2file.py
merge_functions.py Typo fix Mar 7, 2015
parse_ARM_SEH.py
parse_x64_SEH.py
rotate.py
show_SEH_chain.py
visualize_binary.py

README.md

scripts_for_RE

Python scripts for reverse engineering.

create_suspended_process.py

Launches a suspended process.

mem2file.py

Modifies the give raw PE memory dump file to load it with IDA properly.

load_IAT.py

(IDA Only) Loads an output of a 'dps' command and apply it to the IDB file.

parse_x64_SEH.py

(IDA Only) Locates SEH try blocks, exception filters and handlers for x64 Windows.

parse_ARM_SEH.py

(IDA Only) Locates SEH try blocks, exception filters and handlers for Windows RT.

merge_functions.py

(IDA Only) Merges a given function with the next function.

visualize_binary.py

Generates a PNG image file that represents the contents of a specified file.

apply_all_signatures.py

(IDA Only) Applies all FLIRT signatures in a /sig directory.

color_as_default.py

(IDA Only) Changes all instructions color to default.

find_ARMB_prologue.py

(IDA Only) Finds function-prologue-like byte sequences for ARMB.

highlight_all_CALLs.py

(IDA Only) Highlights all function call instructions in a given binary file.

show_SEH_chain.py

(IDA Only) Shows SEH chains (stack and handlers) for all threads.

rotate.py

Provides _ROR4_, _ROR8_, _ROL4_ and _ROL8_ functions.

You can’t perform that action at this time.