IDA Pro plug-in conversion of Luigi Auriemma's signsrch signature matching tool. July 2018, updated to IDA 7.1 Luigi's original signsrch description: 'Tool for searching signatures inside files, extremely useful as help in reversing jobs like figuring or having an initial idea of what encryption/- compression algorithm is used for a proprietary protocol or file.
![]() ![]()
Is there any disassembler (not only a live debugger) second to IDA in capabilities? IDA is wonderful, and somewhat amazing in how robust and useful it is for reversing. However, it is quite expensive to properly license. Is there any viable alternative, or does IDA hold the monopoly on this market?I don't expect an alternative to be as good as IDA, just looking for other options that may be more affordable, and useful enough.EDIT: Preferrably, multi-platform support should exist, though that's optional. MIPS, ARM, x86, and x86-64 would be nice, but a disassembler that handles any one of those is a good option to know about. If you were looking for a contender, I believe and can compete in part for and in part for.That said, there is a big gap between the capabilities you get with the aforementioned software and IDA.IDA Pro is pretty unique with its capabilities and if you add the Hex-Rays Decompiler Plugin into the equation, things look bleak for the wannabe contenders. However, for casual disassembly and even some decompiling Hopper seems a good choice for anyone not willing to shell out hundreds of bucks for IDA Pro.
If you want a free ride, is probably the next in line, but it takes some getting used to.Having gotten my first IDA Pro Standard license as a student I have to admit the price point is steep, but it's worth every penny. When I began to work professionally with RCE-related things I upgraded to the 'normal' license first and later upgraded to IDA Pro Advanced to get the x64 support.Also keep in mind there is with license restrictions (but suitable for hobbyists or students) and restrictions of the capabilities. Some other disassemblers / decompilersW32DASM was an excellent 16/32 bit disassembler for Windows, it seems it is no longer developed. Is a commercial interactive disassembler for x86, x64 and ARM software with loaders for PE or ELF file formats. It supports interactive flat and graph views of the disassembly, generating call and reference graphs, binary diffing two executables, exploring the executable file's structure and a Ruby plugin API. It can also handle things like symbols (PDB's), function local variables, switch statements, exception handlers, static library identification and more.is an open source disassembler with x86, x64, z80 and partial ARM support.
![]()
It runs on Windows and Linux. It has interactive flat and graph views.
![]() Comments are closed.
|
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |