IDA-Pro/plugins/flare-ida


Description

Collection of IDA Pro scripts and plugins used by the FireEye Labs Advanced Reverse Engineering (FLARE) team.

Installation

Environment variables

Create the following environment variables:

Variable     Value
Path         [REMOVED];C:\Python27;C:\Python27\scripts
PYTHONPATH   C:\Python27\Lib\flare;C:\Python27\Lib\vivisect

Vivisect

Download vivisect and copy it to C:\Python27\Lib:

C:\> mkdir \temp
C:\> cd \temp
C:\temp> git clone https://github.com/vivisect/vivisect.git
C:\temp> xcopy vivisect \Python27\Lib /s /e /i

Flare IDA

Download flare-ida and install as follows:

C:\> cd \temp
C:\temp> git clone https://github.com/fireeye/flare-ida.git
C:\temp> copy flare-ida\plugins\* "C:\Program Files (x86)\IDA 6.6\plugins"
C:\temp> xcopy flare-ida\python\flare C:\Python27\Lib /s /e /i

Tests

In IDA Pro, display the output window (Window > Output Window) and enter these commands to check that they run without error:

import vivisect
import stackstrings
from PySide import QtGui

If you get the ImportError described in the links below, ensure that you have installed IDA Pro as recommended here.
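If one of the imports fails, or you want to confirm which copy of a module IDA will actually load after the xcopy steps, the following added diagnostic (not part of the original page or of flare-ida; the function names are hypothetical) walks sys.path, which is where PYTHONPATH entries end up, and reports non-existent entries and every location that could satisfy each import. It assumes source packages and .py modules only.

```python
from __future__ import print_function
import os
import sys

# Module names taken from the import test on this page.
REQUIRED = ("vivisect", "stackstrings", "PySide")


def locate_all(module, dirs):
    """Return every file on `dirs` that could satisfy `import module`.

    The first hit is the one Python loads; later hits are shadowed copies.
    Only source packages and .py modules are checked (not .pyd or zip imports).
    """
    hits = []
    for d in dirs:
        base = d or os.curdir  # '' in sys.path means the current directory
        for candidate in (os.path.join(base, module, "__init__.py"),
                          os.path.join(base, module + ".py")):
            if os.path.isfile(candidate):
                hits.append(candidate)
                break  # a package wins over a same-named .py in one directory
    return hits


def audit(dirs, modules=REQUIRED):
    """Report search-path entries that do not exist and where each module resolves."""
    return {
        "missing_dirs": [d for d in dirs if d and not os.path.exists(d)],
        "modules": dict((m, locate_all(m, dirs)) for m in modules),
    }


if __name__ == "__main__":
    report = audit(sys.path)
    for d in report["missing_dirs"]:
        print("search path entry does not exist:", d)
    for name in REQUIRED:
        hits = report["modules"][name]
        if not hits:
            print(name, "-> NOT FOUND")
        else:
            print(name, "->", hits[0])
            for extra in hits[1:]:
                print("   shadowed copy:", extra)
```

A "shadowed copy" line means the same module name exists in more than one search-path directory; only the first one listed is imported.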


Keywords: IDA-Pro plugins reverse-engineering