IDACyber: Data Visualization Plugin for IDA Pro
IDACyber is a plugin for the Interactive Disassembler which is capable of visualizing the currently loaded IDB’s data. This can be useful for identifying structures and patterns of binary blobs where extended information such as a header is not available (firmware dumps/images etc.).
Requirements
- IDA Pro 7.x at a minimum
Installation
git clone https://github.com/patois/IDACyber.git
Please copy idacyber.py along with the “cyber” subfolder to your IDA “plugins” folder.
Usage
- Press Ctrl-P to invoke the plugin
Writing color filters
A color filter is nothing but a separate Python file that inherits from the ColorFilter class. Custom filters can be added by copying them to the “cyber” subfolder (idadir/plugins/). For examples, please refer to the color filters located in the “cyber” subfolder.
GUI, mouse and keyboard controls
- Checkboxes
- Sync: Synchronizes plotted data to IDA cursor and vice versa
- Mouse controls
- Left mousebutton + mouse movement: Vertical scrolling
- Mousewheel: Fine grained vertical scrolling
- Double click: Jump to address under cursor
- Mouse Modifiers
- X: Change width
- H: Change width at 16byte boundary
- Shift: Fine grained scrolling
- Ctrl: Zoom
- Keyboard shortcuts
- g – Specify address to jump to
- F2 – Display information about current filter
- F12 – Export as bitmap
Copyright (c) 2017 Dennis Elser
Source: https://github.com/patois/
