EtherAnnotate IDA Pro Plugin - Parse EtherAnnotate trace files and markup IDA disassemblies with runtime values

jeads-sec/etherannotate_ida

EtherAnnotate IDA Pro Plugin

Parses the specialized instruction trace files generated by the EtherAnnotate Xen modification (http://github.com/inositle/etherannotate_xen). The register values and code coverage recorded in the trace are visualized in IDA Pro through instruction comments and line coloring.

Note: The Visual Studio solution will most likely not work because it has not been generalized, but the IDA Pro SDK help should instruct you on how to build an IDA Pro plugin.

Usage: 
   1) Load the IDB or PE file that you want to analyze (unpacked version of executable if needed) into IDA Pro as usual.
   2) Select the EtherAnnotate plugin from IDA's menu and when the file browser window opens, select the trace file that was generated by EtherAnnotate Xen.
   3) The plugin will parse the trace file and annotate instructions found in the trace.
