PyDA
Python binary DisAssembler
Give the ability to search by bytes, opcodes, text, immediate, comment, etc.
CsInsn is basically the common format we already wanted. It also includes a ton of information about the instruction: 1. Operand types a. Register - needed for stack tracking -...
Highlight matching occurrences of a given item. For example, if a local var is selected, highlight all occurrences within the scope of the current function. If an address/global var is...
Should jump to the associated address/function on double click/enter and keep a queue of jumps allowing 'Esc' to return to where we were. Needs to be done: - 'Location' stack...
Some future ideas that are far enough on the horizon to all be grouped here for now: - delete instructions with no xrefs - for each "call loc_1234", mark 1234...
Could operate in a couple different ways: 1. The plugin maintains a list of 'known vulnerable functions'. It then scans the binary and makes a list of any calls to...
Create a way to identify variables within assembly. This will depend on architecture and calling convention: As a rough example on x86: 1. Local - $rsp relative 2. Arguments -...
Implement a recursive descent disassembly instead of a flat sweep to improve the accuracy and brevity of disassembled data.
Requires a designation that the current operand is an immediate value.
I loaded the bookworm_arm file, and then the elf-Linux-x64. $ python ./PyDA.py Building app Running mainloop [Error] PE.**getPEOffset() - Bad PE signature File header did not match PE Processing Functions...