DEFENSIVE PROGRAMMING

AN EXTENSIVE LIST OF SOURCE CODE ANALYSIS TOOLS

http://samate.nist.gov/index.php/Source_Code_Security_Analyzers
http://samate.nist.gov/index.php/Byte_Code_Scanners
http://samate.nist.gov/index.php/Binary_Code_Scanners

OVAL INTERPRETER

http://oval.mitre.org/language/download/interpreter/index.html

THE OVAL INTERPRETER IS A FREELY AVAILABLE REFERENCE IMPLEMENTATION CREATED TO SHOW HOW INFORMATION CAN BE COLLECTED FROM A COMPUTER FOR TESTING, TO EVALUATE AND CARRY OUT THE OVAL DEFINITIONS FOR THAT PLATFORM, AND TO REPORT THE RESULTS OF THE TESTS. PREVIOUS VERSIONS OF THE INTERPRETER AND ITS SOURCE CODE ARE AVAILABLE IN THE OVAL ARCHIVE.

MITRE DEVELOPED THE REFERENCE INTERPRETER TO DEMONSTRATE THE USABILITY OF OVAL DEFINITIONS, AND FOR DEFINITION WRITERS TO USE TO ENSURE CORRECT SYNTAX AND ADHERENCE TO THE OVAL SCHEMAS DURING THE DEVELOPMENT OF DRAFT DEFINITIONS. IT IS NOT A FULLY FUNCTIONAL SCANNING TOOL AND HAS A SIMPLISTIC USER INTERFACE, BUT RUNNING THE INTERPRETER WILL PROVIDE YOU WITH A LIST OF OVAL-IDS AND THEIR REFERENCES (E.G., CVE NAMES) DETERMINED BY OVAL TO BE PRESENT ON THE SYSTEM.

OVAL LANGUAGE RELEASES

http://oval.mitre.org/language/download/schema/index.html

CURRENT AND UPCOMING OVAL LANGUAGE RELEASES, WITH LINKS TO INFORMATION AND DOWNLOADS

LORDPE

http://www.softpedia.com/get/Programming/File-Editors/LordPE.shtml

LORDPE IS A TOOL FOR SYSTEM PROGRAMMERS WHICH IS ABLE TO EDIT/VIEW MANY PARTS OF PE (PORTABLE EXECUTABLE) FILES

HERE ARE SOME KEY FEATURES OF "LORDPE":

TASK VIEWER
· DUMP MODULES FULL
· DUMP MODULES PARTIAL
· DUMP PROCESS REGIONS
· MODIFY PROCESS PRIORITY
· ANTI DUMP PROTECTION STUFF
· KILL PROCESSES

PE EDITOR
· EDIT BASIC HEADER INFORMATION (EDIT SUBSYSTEM FLAG, CORRECT CHECKSUM, EDIT CHARACTERISTICS, ENLARGE HEADER)
· SECTION TABLE VIEWER
· EDIT SECTION HEADERS
· EDIT SECTION HEADER CHARACTERISTICS
· HEX EDIT SECTION
· ADD SECTION HEADERS
· DELETE SECTION HEADERS
· SAVE SECTIONS TO DISK
· LOAD SECTIONS FROM DISK
· TRUNCATE AT THE START/AT THE END OF A SECTION
· SPLIT/UNSPLIT
· DIRECTORY TABLE VIEWER
· EXPORT TABLE VIEWER (EDIT EXPORT TABLE, EDIT EXPORTED ITEMS)
· IMPORT TABLE VIEWER (EDIT IMAGEIMPORTDESCRIPTORS, DELETE IMAGEIMPORTDESCRIPTORS, DELETE ORIGINALFIRSTTHUNK'S, ADD IMPORTS, EDIT THUNKS OF IMAGEIMPORTDESCRIPTORS)
· RESOURCE DIRECTORY VIEWER (DUMP RESOURCES, HEX EDIT RESOURCES)
· ADVANCED RELOCATION VIEWER
· COPYRIGHT STRING VIEWER
· TLS TABLE VIEWER
· DEBUG DIRECTORY VIEWER
· BOUND IMPORT VIEWER
· FLC (VA<->RVA<->OFFSET - CALCULATOR)
· HEX EDIT TARGET LOCATION
· TDSC (TIMEDATESTAMP <-> TIME/DATE - CONVERTER)
· COMPARE PE FILES

BREAK & ENTER
· BREAK AT THE ENTRYPOINT OF PE EXE OR DLL FILES

PE REBUILDER
· DUMPFIX
· REALIGNING
· WIPE RELOCATION
· IMPORTTABLE REBUILDER
· VALIDATE PE (MAKE A PE WORK ON WIN2K)
· BIND IMPORTS
· CHANGE IMAGEBASE

OPENRCE (REVERSE ENGINEERING COMMUNITY)

http://www.openrce.org

FOUNDED IN JUNE OF 2005, THE OPEN REVERSE CODE ENGINEERING COMMUNITY WAS CREATED TO FOSTER A SHARED LEARNING ENVIRONMENT AMONG RESEARCHERS INTERESTED IN THE FIELD OF REVERSE ENGINEERING. OPENRCE AIMS TO SERVE AS A CENTRALIZED RESOURCE FOR REVERSE ENGINEERS BY HOSTING FILES, BLOGS, FORUMS, ARTICLES AND A UNIQUE COLLECTION OF REFERENCE MATERIAL.

REFERENCE MATERIALS INCLUDE PAPERS, A BOOK STORE, ANTI REVERSE ENGINEERING DATABASE, IDA SDK DEVELOPMENT LANGUAGE REFERENCE, A DATABASE OF PACKER ANALYSIS NOTES AND A DATABASE MAPPING THE CALL CHAINS BETWEEN POPULAR WINDOWS API.

NUMEROUS TOOLS COVERING: (AUDITING - DEBUGGING - REVERSING - SCANNERS – RESOURCES) 

http://www.how-to-hack.org/files.html

BOOMERANG DECOMPILER

http://boomerang.sourceforge.net

THIS PROJECT IS AN ATTEMPT TO DEVELOP A REAL DECOMPILER FOR MACHINE CODE PROGRAMS THROUGH THE OPEN SOURCE COMMUNITY. A DECOMPILER TAKES AS INPUT AN EXECUTABLE FILE, AND ATTEMPTS TO CREATE A HIGH LEVEL, COMPILABLE, POSSIBLY EVEN MAINTAINABLE SOURCE FILE THAT DOES THE SAME THING. IT IS THEREFORE THE OPPOSITE OF A COMPILER, WHICH TAKES A SOURCE FILE AND MAKES AN EXECUTABLE. HOWEVER, A GENERAL DECOMPILER DOES NOT ATTEMPT TO REVERSE EVERY ACTION OF THE DECOMPILER, RATHER IT TRANSFORMS THE INPUT PROGRAM REPEATEDLY UNTIL THE RESULT IS HIGH LEVEL SOURCE CODE. IT THEREFORE WON'T RECREATE THE ORIGINAL SOURCE FILE; PROBABLY NOTHING LIKE IT. IT DOES NOT MATTER IF THE EXECUTABLE FILE HAS SYMBOLS OR NOT, OR WAS COMPILED FROM ANY PARTICULAR LANGUAGE. (HOWEVER, DECLARATIVE LANGUAGES LIKE ML ARE NOT CONSIDERED.)

THE INTENT IS TO CREATE A RETARGETABLE DECOMPILER (I.E. ONE THAT CAN DECOMPILE DIFFERENT TYPES OF MACHINE CODE FILES WITH MODEST EFFORT, E.G. X86-WINDOWS, SPARC-SOLARIS, ETC). IT WAS ALSO INTENDED TO BE HIGHLY MODULAR, SO THAT DIFFERENT PARTS OF THE DECOMPILER CAN BE REPLACED WITH EXPERIMENTAL MODULES. IT WAS INTENDED TO EVENTUALLY BECOME INTERACTIVE, A LA IDA PRO, BECAUSE SOME THINGS (NOT JUST VARIABLE NAMES AND COMMENTS, THOUGH THESE ARE OBVIOUSLY VERY IMPORTANT) REQUIRE EXPERT INTERVENTION. WHETHER THE INTERACTIVITY BELONGS IN THE DECOMPILER OR IN A SEPARATE TOOL REMAINS UNCLEAR.

BY TRANSFORMING THE SEMANTICS OF INDIVIDUAL INSTRUCTIONS, AND USING POWERFUL TECHNIQUES SUCH AS STATIC SINGLE ASSIGNMENT DATAFLOW ANALYSIS, BOOMERANG SHOULD BE (LARGELY) INDEPENDENT OF THE EXACT BEHAVIOUR OF THE COMPILER THAT HAPPENED TO BE USED. OPTIMIZATION SHOULD NOT AFFECT THE RESULTS. HENCE, THE GOAL IS A GENERAL DECOMPILER.

IDA PRO DISASSEMBLER AND DEBUGGER (COMMERCIAL)

http://www.datarescue.com/idabase/ida.htm

THE IDA PRO DISASSEMBLER AND DEBUGGER IS AN INTERACTIVE, PROGRAMMABLE, EXTENDIBLE, MULTI-PROCESSOR DISASSEMBLER HOSTED ON WINDOWS OR ON LINUX. IDA PRO HAS BECOME THE DE-FACTO STANDARD FOR THE ANALYSIS OF HOSTILE CODE, VULNERABILITY RESEARCH AND COTS VALIDATION.

COVERITY PREVENT SQS (COMMERCIAL)

http://www.coverity.com/html/prod_prevent.html

PREVENT (SOFTWARE QUALITY SYSTEM) SQS IS THE LEADING AUTOMATED APPROACH TO IDENTIFYING AND RESOLVING THE MOST CRITICAL DEFECTS IN C, C++ AND JAVA SOURCE CODE. BY PROVIDING A COMPLETE UNDERSTANDING OF YOUR BUILD ENVIRONMENT, SOURCE CODE, AND DEVELOPMENT PROCESS, PREVENT SQS SETS THE STANDARD FOR ENABLING HIGH QUALITY SOFTWARE. STATIC SOURCE CODE ANALYSIS ALLOWS ORGANIZATIONS TO FIND AND FIX DEFECTS AT THE EARLIEST STAGE IN THE SOFTWARE DEVELOPMENT LIFE CYCLE, SAVING MILLIONS OF DOLLARS IN ASSOCIATED COSTS. PREVENT SQS IS THE INDUSTRY STANDARD BECAUSE ONLY COVERITY UNDERSTANDS THE STRICT REQUIREMENTS OF STATIC SOURCE CODE ANALYSIS.

  • COVERITY UNDERSTANDS BUILD SYSTEMS—PREVENT SQS MAPS SOFTWARE BY MONITORING YOUR BUILD SYSTEM AT THE OPERATING SYSTEM PROCESS LEVEL TO OBTAIN A CLEAR VIEW OF EVERY OPERATION.
  • COVERITY UNDERSTANDS SOURCE CODE—PREVENT SQS IDENTIFIES MORE INFORMATION ABOUT SOURCE CODE THAN ANY OTHER PRODUCT ON THE MARKET TODAY; ITS STRUCTURE, ITS MEANING, AND ITS INTENT ARE ALL UTILIZED TO UNCOVER CRITICAL FLAWS AND VULNERABILITIES.
  • COVERITY UNDERSTANDS DEVELOPERS—PREVENT SQS RESOLVES DEFECTS BY PROVIDING USERS WITH A CUSTOMIZABLE WORKFLOW, COMPREHENSIVE ANALYTICS, AND EASY-TO-USE TOOLS THAT ALLOW DEFECTS TO BE ADDRESSED WITHIN MINUTES.

FORTIFY SOURCE CODE ANALYSIS (SCA) (COMMERCIAL)

http://www.fortifysoftware.com/products/sca/

FORTIFY SCA IS THE WORLD'S MOST PROVEN AND WIDELY USED SOURCE CODE SECURITY ANALYSIS SOLUTION. ITS ADVANCED FEATURES ENABLE SECURITY PROFESSIONALS TO REVIEW MORE CODE AND PRIORITIZE ISSUES IN LESS TIME, WHILE HELPING DEVELOPMENT TEAMS IDENTIFY AND FIX ISSUES EARLY AND WITH LESS EFFORT. FORTIFY SCA SUPPORTS A WIDE VARIETY OF LANGUAGES, FRAMEWORKS AND OPERATING SYSTEMS AND DELIVERS DEPTH AND ACCURACY IN ITS RESULTS. IT CAN BE TUNED TO BE COMPREHENSIVE WHEN COMPLETENESS IS NEEDED OR EXTREMELY TARGETED FOR DAY-TO-DAY USE IN DEVELOPMENT. IT MAKES TRIAGE, FULL-SCALE AUDITS AND REMEDIATION FAST AND EFFECTIVE.

PSCAN

http://packetstormsecurity.org/UNIX/misc/pscan-1.2.tar.gz

PSCAN CHECKS C SOURCE CODE FOR PROBLEMATIC USES OF PRINTF STYLE FUNCTIONS SUCH AS "SPRINTF(BUFFER, VARIABLE)", WHICH HAVE BEEN THE SOURCE OF MANY SECURITY HOLES. IT DOES NOT CHECK FOR BUFFER OVERFLOWS OR OTHER MISUSE OF FUNCTION PARAMETERS.

FLAWFINDER

http://www.dwheeler.com/flawfinder/

FLAWFINDER IS A PROGRAM THAT EXAMINES SOURCE CODE AND REPORTS POSSIBLE SECURITY WEAKNESSES (“FLAWS”) SORTED BY RISK LEVEL. IT'S VERY USEFUL FOR QUICKLY FINDING AND REMOVING AT LEAST SOME POTENTIAL SECURITY PROBLEMS BEFORE A PROGRAM IS WIDELY RELEASED TO THE PUBLIC.

RATS

http://www.fortifysoftware.com/security-resources/rats.jsp

RATS - ROUGH AUDITING TOOL FOR SECURITY - AN OPEN SOURCE TOOL DEVELOPED AND MAINTAINED BY SECURE SOFTWARE SECURITY ENGINEERS. SECURE SOFTWARE WAS RECENTLY ACQUIRED BY FORTIFY SOFTWARE, INC. RATS IS A TOOL FOR SCANNING C, C++, PERL, PHP AND PYTHON SOURCE CODE AND FLAGGING COMMON SECURITY RELATED PROGRAMMING ERRORS SUCH AS BUFFER OVERFLOWS AND TOCTOU (TIME OF CHECK, TIME OF USE) RACE CONDITIONS.

SPLINT

http://www.splint.org/

SPLINT IS A TOOL FOR STATICALLY CHECKING C PROGRAMS FOR SECURITY VULNERABILITIES AND CODING MISTAKES.

MOPS

http://www.cs.berkeley.edu/~daw/mops/

MOPS IS A TOOL FOR FINDING SECURITY BUGS IN C PROGRAMS AND FOR VERIFYING CONFORMANCE TO RULES OF DEFENSIVE PROGRAMMING. THIS IS TARGETED AT DEVELOPERS WRITING SECURITY-CRITICAL PROGRAMS AND AT SECURITY AUDITORS REVIEWING THE SECURITY OF EXISTING C CODE.

DOXYGEN

http://www.stack.nl/~dimitri/doxygen/

DOXYGEN IS A DOCUMENTATION SYSTEM FOR C++, C, JAVA, OBJECTIVE-C, PYTHON, IDL (CORBA AND MICROSOFT FLAVORS) AND TO SOME EXTENT PHP, & C#.

IT CAN HELP YOU IN THREE WAYS:

IT CAN GENERATE AN ON-LINE DOCUMENTATION BROWSER (IN HTML) AND/OR AN OFF-LINE REFERENCE MANUAL (IN) FROM A SET OF DOCUMENTED SOURCE FILES. THERE IS ALSO SUPPORT FOR GENERATING OUTPUT IN RTF (MS-WORD), POSTSCRIPT, HYPERLINKED PDF, COMPRESSED HTML, AND UNIX MAN PAGES. THE DOCUMENTATION IS EXTRACTED DIRECTLY FROM THE SOURCES, WHICH MAKES IT MUCH EASIER TO KEEP THE DOCUMENTATION CONSISTENT WITH THE SOURCE CODE.

YOU CAN CONFIGURE DOXYGEN TO EXTRACT THE CODE STRUCTURE FROM UNDOCUMENTED SOURCE FILES. THIS IS VERY USEFUL TO QUICKLY FIND YOUR WAY IN LARGE SOURCE DISTRIBUTIONS. YOU CAN ALSO VISUALIZE THE RELATIONS BETWEEN THE VARIOUS ELEMENTS BY MEANS OF INCLUDE DEPENDENCY GRAPHS, INHERITANCE DIAGRAMS, AND COLLABORATION DIAGRAMS, WHICH ARE ALL GENERATED AUTOMATICALLY.

DOXYGEN IS DEVELOPED UNDER LINUX AND MAC OS X, BUT IS SET-UP TO BE HIGHLY PORTABLE. AS A RESULT, IT RUNS ON MOST OTHER UNIX FLAVORS AS WELL. FURTHERMORE, EXECUTABLES FOR WINDOWS ARE AVAILABLE.

LCOV

http://ltp.sourceforge.net/coverage/lcov.php

LCOV IS AN EXTENSION OF GCOV, A GNU TOOL WHICH PROVIDES INFORMATION ABOUT WHAT PARTS OF A PROGRAM ARE ACTUALLY EXECUTED (I.E. "COVERED") WHILE RUNNING A PARTICULAR TEST CASE. THE EXTENSION CONSISTS OF A SET OF PERL SCRIPTS WHICH BUILD ON THE TEXTUAL GCOV OUTPUT TO IMPLEMENT THE FOLLOWING ENHANCED FUNCTIONALITY:

HTML BASED OUTPUT: COVERAGE RATES ARE ADDITIONALLY INDICATED USING BAR GRAPHS AND SPECIFIC COLORS.
SUPPORT FOR LARGE PROJECTS: OVERVIEW PAGES ALLOW QUICK BROWSING OF COVERAGE DATA BY PROVIDING THREE LEVELS OF DETAIL: DIRECTORY VIEW, FILE VIEW AND SOURCE CODE VIEW.

LCOV WAS INITIALLY DESIGNED TO SUPPORT LINUX KERNEL COVERAGE MEASUREMENTS (REQUIRES THE GCOV-KERNEL PACKAGE, BUT WORKS AS WELL FOR COVERAGE MEASUREMENTS ON STANDARD USER SPACE APPLICATIONS.

OLLYDBG

http://www.ollydbg.de/

OLLYDBG IS A 32-BIT ASSEMBLER LEVEL ANALYSING DEBUGGER FOR MICROSOFT® WINDOWS®. EMPHASIS ON BINARY CODE ANALYSIS MAKES IT PARTICULARLY USEFUL IN CASES WHERE SOURCE IS UNAVAILABLE. OLLYDBG IS A SHAREWARE, BUT YOU CAN DOWNLOAD AND USE IT FOR FREE. SPECIAL HIGHLIGHTS ARE:

  • INTUITIVE USER INTERFACE, NO CRYPTICAL COMMANDS
  • CODE ANALYSIS - TRACES REGISTERS, RECOGNIZES PROCEDURES, LOOPS, API CALLS, SWITCHES, TABLES, CONSTANTS AND STRINGS
  • DIRECTLY LOADS AND DEBUGS DLLS
  • OBJECT FILE SCANNING - LOCATES ROUTINES FROM OBJECT FILES AND LIBRARIES
  • ALLOWS FOR USER-DEFINED LABELS, COMMENTS AND FUNCTION DESCRIPTIONS
  • UNDERSTANDS DEBUGGING INFORMATION IN BORLAND® FORMAT
  • SAVES PATCHES BETWEEN SESSIONS, WRITES THEM BACK TO EXECUTABLE FILE AND UPDATES FIXUPS
  • OPEN ARCHITECTURE - MANY THIRD-PARTY PLUGINS ARE AVAILABLE
  • NO INSTALLATION - NO TRASH IN REGISTRY OR SYSTEM DIRECTORIES
  • DEBUGS MULTITHREAD APPLICATIONS
  • ATTACHES TO RUNNING PROGRAMS
  • CONFIGURABLE DISASSEMBLER, SUPPORTS BOTH MASM AND IDEAL FORMATS
  • MMX, 3DNOW! AND SSE DATA TYPES AND INSTRUCTIONS, INCLUDING ATHLON EXTENSIONS
  • FULL UNICODE SUPPORT
  • DYNAMICALLY RECOGNIZES ASCII AND UNICODE STRINGS - ALSO IN DELPHI FORMAT!
  • RECOGNIZES COMPLEX CODE CONSTRUCTS, LIKE CALL TO JUMP TO PROCEDURE
  • DECODES CALLS TO MORE THAN 1900 STANDARD API AND 400 C FUNCTIONS
  • GIVES CONTEXT-SENSITIVE HELP ON API FUNCTIONS FROM EXTERNAL HELP FILE
  • SETS CONDITIONAL, LOGGING, MEMORY AND HARDWARE BREAKPOINTS
  • TRACES PROGRAM EXECUTION, LOGS ARGUMENTS OF KNOWN FUNCTIONS
  • SHOWS FIXUPS
  • DYNAMICALLY TRACES STACK FRAMES
  • SEARCHES FOR IMPRECISE COMMANDS AND MASKED BINARY SEQUENCES
  • SEARCHES WHOLE ALLOCATED MEMORY
  • FINDS REFERENCES TO CONSTANT OR ADDRESS RANGE
  • EXAMINES AND MODIFIES MEMORY, SETS BREAKPOINTS AND PAUSES PROGRAM ON-THE-FLY
  • ASSEMBLES COMMANDS INTO THE SHORTEST BINARY FORM
  • STARTS FROM THE FLOPPY DISK

RCOV

http://labs.musecurity.com/wp-content/uploads/2007/03/rcov-01tar.gz

RCOV IS A WEBRICK APPLICATION THAT USES THE COMPILE/RUNTIME OUTPUT GENERATED BY GCOV, USES THE BROWSER FOR NAVIGATION (TESTED WITH FIREFOX AND SAFARI), CROSS LINKS THE SOURCE USING CTAGS AND DECORATES THE OUTPUT USING THE RUNTIME COVERAGE DATA GENERATED BY THE PROGRAM UNDER EXECUTION. YOU CAN THINK OF THIS AS A CROSS BETWEEN DOXYGEN AND LCOV.

ONCE RCOV IS FIRED UP WITH THE ROOT DIRECTORY OF THE TARGET’S SOURCE, IT WILL FIRST READ THE VARIOUS GCDA FILES GENERATED BY THE COMPILER. IT WILL THEN LISTEN ON LOCALHOST: 8080 AND YOU CAN POINT YOUR BROWSER TO THIS URL. RUN YOUR FUZZER AGAINST THE TARGET AND EACH TIME THE TARGET EXITS, THE GCOV COMPILED TARGET WILL DUMP A BUNCH OF GCNO FILES. REFRESH YOUR BROWSER WINDOW AND YOU SHOULD SEE THE SOURCE FILES UPDATED WITH COVERAGE INFORMATION.

PAIMEI

http://pedram.redhive.com/PaiMei/docs/

PAIMEI, IS A REVERSE ENGINEERING FRAMEWORK CONSISTING OF MULTIPLE EXTENSIBLE COMPONENTS. THE FRAMEWORK CAN ESSENTIALLY BE THOUGHT OF AS A REVERSE ENGINEER'S SWISS ARMY KNIFE AND HAS ALREADY BEEN PROVEN EFFECTIVE FOR A WIDE RANGE OF BOTH STATIC AND DYNAMIC TASKS SUCH AS FUZZER ASSISTANCE, CODE COVERAGE TRACKING, DATA FLOW TRACKING AND MORE. THE FRAMEWORK BREAKS DOWN INTO THE FOLLOWING CORE COMPONENTS:

  • PYDBG: A PURE PYTHON WIN32 DEBUGGING ABSTRACTION CLASS.
  • PGRAPH: A GRAPH ABSTRACTION LAYER WITH SEPERATE CLASSES FOR NODES, EDGES AND CLUSTERS.
  • PIDA: BUILT ON TOP OF PGRAPH, PIDA AIMS TO PROVIDE AN ABSTRACT AND PERSISTENT INTERFACE OVER BINARIES (DLLS AND EXES) WITH SEPARATE CLASSES FOR REPRESENTING FUNCTIONS, BASIC BLOCKS AND INSTRUCTIONS. THE END RESULT IS THE CREATION OF A PORTABLE FILE THAT WHEN LOADED ALLOWS YOU TO ARBITRARILY NAVIGATE THROUGHOUT THE ENTIRE ORIGINAL BINARY. A LAYER ABOVE THE CORE COMPONENTS YOU WILL FIND THE REMAINDER OF THE PAIMEI FRAMEWORK BROKEN INTO THE FOLLOWING OVER-ARCHING COMPONENTS:
  • UTILITIES: A SET OF UTILITIES FOR ACCOMPLISHING VARIOUS REPETITIVE TASKS.
  • CONSOLE: A PLUGGABLE WXPYTHON GUI FOR QUICKLY AND EFFICIENTLY ROLLING OUT YOUR OWN SEXY RE UTILITIES.
  • SCRIPTS: INDIVIDUAL SCRIPTS FOR ACCOMPLISHING VARIOUS TASKS. ONE VERY IMPORTANT EXAMPLE OF WHICH IS THE PIDA_DUMP.PY IDA PYTHON SCRIPT WHICH IS RUN FROM IDA TO GENERATE .PIDA MODULES.
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License