Polaris Current Projects
Freezing Home

Polaris current works

Polaris past works

Interesting resources

Ice Age - Polaris' Diary

 

The AZURE IDA Pro plugin

The Azure IDA Pro plugin is designed to scan the IDA database in search of known signatures. The idea is to have a PETools  integrated into IDA ;)

Currently, the signature are taken from PETools: all credits for the signature goes to the PETools team... THANKS!

AZURE 1.0 running on IDA Pro 4.51:

AZURE for PVDasm is is finally released... Have a look at its first shot (running on PVDasm 1.5d):

Go download the AZURE plugin for IDA Pro 4.5  NOW!

Go download the AZURE plugin for IDA Pro 4.7 now!

Go download the AZURE plugin for PVDasm 1.5d NOW!

Please, since AZURE is still in "early" phase, CONTRIBUTE YOUR WISHES! What you wanna see implemented? What are your needs?

 

REC Documenting

This project aims at documenting the Reverse Engineering Compiler in depth, in order to make it one of the "tools of the trade" of reverse engineers instead than a standalone prototype.

Latest binary can be found here: Latest REC Build

Tools that will be used: IDA Pro (with degugger), INQUISITION and brain

27/06/04 - Improving Options comments

Everybody having used REC in its interactive mode will probably have seen the interactive option screen:

The only SMALL problem is that not every option is commented out. As first result of the REC project, we are now able to insert comments for every option.

For example, the validatereg option, which is originally uncommented, has got now its own comment "Validate Regions". Check the following examples by yourself.

First:

After:

The options that are currently uncommented (probably I'd better tell which options are commented out:)) are:

compactexprs -

compactifs -

compset -

dfoproc -

displaylabels -

docase -

dofor -

doifs -

doloops -

donullgotos -

dopackloops -

dopackstmts -

doremlabs -

dosimplify -

dosort -

dostmts -

doswitch -

dowhile -

dumpaddress -

dumpcall -

dumpcomments -

dumpdfo -

dumpsblocks -

dumpsets -

dumpsize -

dumpstmtsid - Dump Id Number For Every Statement

flag16 -

genpattern -

hexconst - Display Const In Hex Format

insertlabels -

int16 -

int32 -

isvb5 -

locals -

okclone -

outprocs -

outrefs -

rdonly -

showblocks - Display BBlocks List

showjump - Display Jump List

showlabels - Display Label List

showreg - Display Region List

showstring - Display String List

simplifyexprs -

stackalign16 -

stackalign 8 -

stackalign4 -

traceall -

tracesets -

types -

usesymtab -

validatebr - Validate Branches

validatereg -Validate Regions

Currently, nine options have been commented, thus enhancing the usability of the interactive interface of REC.

CURRENTLY THE REC - DOCUMENTING PROJECT IS PUT ON HOLD FOR LACK OF INTEREST.