Added a few new features to some like code and or data segment selectors, etc.
The best thing I’ve removed most if not all of the slow string searching (where it was used) and in general did some speed optimizations.
Now several key ones like “Class Informer” and “ExtraPass” are exponentially faster.
For reversing Windows executables I find IMHO two that are pretty much a necessity:
1) ExtraPass – Cleans up some potential IDA problems by doing an “extra pass” (actually several passes) and finding missing code sections and in turn missing functions, etc.
Can cleanup some of the mess found in large disconnected (from functions that have no references) executables.
2) Class Informer – Finds C++ RTTI, and MFC RTCI type data and structure defs, names, labels, and comments to make more sense of class vftables.
For executables that have this type info it can bring a huge amount of understanding to see actual class and structure names.
Might provide some kind of conceptual anchor points between different versions of your target executable.
You might see methods from familiar static libraries too and so on.
Plus with all the structure placing it can do some clean up the target data section(s) and trigger more IDA autoanalizing that in turn cleans up more code spaces too.
Made it to “External Resources” on the IDA Support page 🙂
Another IMHO that can be very useful is my Function String Associate plug-in that automatically comments functions by strings it has contained within it.
When you are browsing around in your target IDB for functions that have “assert”, or otherwise “error” type strings you will see them.
You might just by seeing these strings associate some kind of context to what the function is for et al.
You can find my released plugins here: IDA plugins