Skip to content

Instantly share code, notes, and snippets.

hacking intensifies

Tim Strazzere strazzere

hacking intensifies
View GitHub Profile
# quick and dirty bash script to extract .gnu_debugdata section
# from ELF binaries to generate an IDC script that adds these
# names as symbols
# --rpw, 2020-06-21
if [ $# -lt 1 ]; then
echo "you need to supply a path to a binary"
strazzere /
Created Aug 18, 2016 — forked from williballenthin/
generate a yara rule that matches the basic blocks of the current function in IDA Pro
IDAPython script that generates a YARA rule to match against the
basic blocks of the current function. It masks out relocation bytes
and ignores jump instructions (given that we're already trying to
match compiler-specific bytes, this is of arguable benefit).
If python-yara is installed, the IDAPython script also validates that
the generated rule matches at least one segment in the current file.
author: Willi Ballenthin <>