Potential IOCTL codes can be decoded by selecting the value in IDA and using the " Ctrl+Alt+D" shortcut or the right-click context menu option. Pip install Usage Overview Decode IOCTL Codes Just drop the 'win_driver_plugin.py' file and the entire 'win_driver_plugin' folder into IDA's plugin directory. If you want FLOSS to be used when hunting for device names, you can install it with the following commands: pip install The source code is hosted on GitHub under a 3-clause BSD license. This is an IDA Pro plugin designed to assist reverse engineers when they are reversing Windows drivers or applications that interact with them.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |