24 May

IDA function reference count to comment plug-in

It dawned on me the other day that because of how I think when I do reversing that seeing how many times a function is referenced would be useful information.
If I could just glean this off the screen rather then manually pressing ‘X’ and count summarizing each sub-function while within a function then that might save me a lot of time and energy.

As I am reversing a particular function it’s local functions are probably of more significance then ones that are not.
If I see a count of ‘1’ then I can assume it is local (although this might not be 100% true as there could be some error in my IDB that is missing one or more references).
Otherwise if I see a function with many references then I can make some assumptions about it’s nature too.
Read More

23 May

Updated IDA Pro plugins

I updated my IDA Pro plugins back in March here IDA Plugins.
I made a post on the IDA forum IDA Pro fourm but forgot to note it here until now.

Added a few new features to some like code and or data segment selectors, etc.
The best thing I’ve removed most if not all of the slow string searching (where it was used) and in general did some speed optimizations.
Now several key ones like “Class Informer” and “ExtraPass” are exponentially faster.

For reversing Windows executables I find IMHO two that are pretty much a necessity:
Read More