I am just starting to use IDA Pro. After discussing a bit with the community, it seems that IDA Pro plugins and scripts are quite important to reach a good level of productivity while analyzing a program.
What are some must have plugins for IDApro that you would recommend for an everyday usage.
Generic helpers for reverse engineering of a specific architecture.
Generic helpers for reverse engineering of a specific operating system.
Generic helpers for reverse engineering of binaries generated using a specific compiler.
These IDC scripts help with the reversing of MSVC programs. One script scans the whole program for typical SEH/EH code sequences and comments all related structures and fields. The other script scans the whole program for RTTI structures and vftables.
This script deals with Delphi RTTI structures
Borland C++ Builder Run Time Type Information (RTTI) support for IDA Pro
Generic helpers for reverse engineering of a technology.
The plugin tries to extract the symbol information from the typelibrary of the COM component. It will then set the function names of interface methods and their parameters, and finally add a comment with the MIDL-style declaration of the interface method.
mIDA is a plugin for the IDA disassembler that can extract RPC interfaces from a binary file and recreate the associated IDL definition. mIDA is free and fully integrates with the latest version of IDA (5.2 or later)
Generic helpers for reverse engineering of encryption and decryption algorithms.
The idea behind it pretty simple: since almost all crypto algorithms use magic constants, we will just look for these constants in the program body. The plugin supports virtually all crypto algorithms and hash functions.
Plugins and scripts for removing obfuscations from disassembly.
Optimice applies common optimization techniques on obfuscated code to make it more readable/user friendly. This plugin enables you to remove some common obfuscations and rewrite code to a new segment.
