Skip to content
/ FIDL Public
forked from mandiant/FIDL

A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research

License

Notifications You must be signed in to change notification settings

eset/FIDL

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Documentation Status

███████╗██╗██████╗ ██╗     
██╔════╝██║██╔══██╗██║     
█████╗  ██║██║  ██║██║     
██╔══╝  ██║██║  ██║██║     
██║     ██║██████╔╝███████╗
╚═╝     ╚═╝╚═════╝ ╚══════╝

FLARE IDA Decompiler Library

FIDLing with the decompiler API

This is a set of utilities wrapping the decompiler API into something sane. This code focus on vulnerability research and bug hunting, however most of the functionality is generic enough to be used for broader reverse engineering purposes.

Installation

The recommended way to install this is to use python's pip. Keep in mind that you have to use the pip corresponding to the Python installation IDA is using. In case you have more than one installation (for example 32 and 64 bits), you can find which one IDA uses by typing this into the console:

import sys
sys.version

cd to the directory containing setup.py

Release mode: pip install .

Development (editable) mode: pip install -e .[dev]

In development mode, pip will install pytest and some linters helpful while developing, as well as creating symbolic links under python's packages directory instead of copying FIDL to it. This allows you to modify your .py files and test on the fly, without needing to reinstall every time you make a change :)

Documentation

You can find up to date documentation online here

The source distribution has built-in documentation here

About

A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Python 98.7%
  • Other 1.3%