Nampa - FLIRT for (binary) ninjas
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
img screensho Apr 20, 2017
nampa
tests We have fast-ish CRC16 Apr 14, 2017
.gitignore Packaging Aug 17, 2017
COPYING Update COPYING Apr 18, 2017
README.md m: readme Aug 17, 2017
__init__.py improvement: use basic_blocks to calculate functions' ends Apr 16, 2017
dumpsig.py dumpsig command line Apr 14, 2017
freezer.sh 2/3 compatibility Aug 17, 2017
plugin.json
requirements.txt
setup.cfg Packaging Aug 17, 2017
setup.py Bump PyPI version Aug 23, 2017

README.md

Nampa - FLIRT for (binary) ninjas

Author: github.com/kenoph

Pure-python implementation of IDA Pro's FLIRT technology, and Binary Ninja plugin.

Note: This project is still in an experimental phase and may fail to work or to recognize some functions.

Description

Nampa is a package for reading IDA Pro's .sig files. It comes with its own command-line tool for analyzing such files: dumpsig.py.

This repository will likely be split into a python-only package and a Binary Ninja plugin in the future, as the former is completely decoupled from the latter.

Nampa comes with a small library of .sig files, automatically downloaded from 3rd-party GitHub repositories when needed.

Screenshot

Dialog

Installation

For use as a python library:

pip install nampa

For use as a Binary Ninja plugin:

cd ~/.binaryninja/plugins/
git clone git@github.com:kenoph/nampa.git
cd nampa
pip install -r requirements.txt # or sudo apt-get install python-future

NOTE: apparently, Binary Ninja for Windows ships with its own python distribution so pip install accordingly.

About

Nampa (なんぱ) is the Japanese art of picking up women on the street.

Limitations

The code needs some real-world testing to rule out bugs introduced during the porting of flirt.c to python.

Credits

A big part of this project is basically a python port of radare's FLIRT implementation.

License

The original radare's flirt.c is under LGPL, so my deep knowledge of software licenses tells me that I must keep it that way.