Awesome IDA, x64DBG & OllyDBG plugins

A curated list of IDA x64DBG and OllyDBG plugins. IDA is a powerful disassembler and debugger that allows to analyze binary, it also includes a decompiler. X64DBG is an open-source x64/x32 debugger for Windows. OllyDbg is a 32-bit assembler level analysing debugger for Windows.

Content

• IDA Plugins
• X64dbg Plugins
• OllyDBG Plugins

IDA Plugins

• Keypatch: Friendly assembly-level patching/searching plugin (using multi-arch assembler framework Keystone engine inside).
• Lazy ida: Add functionalities such as function return removing, converting data, scanning for string vulnerabilities.
• IDAemu: Use for emulating code in IDA Pro. It is based on unicorn-engine.
• IDA_EA: A set of exploitation/reversing aids for IDA.
• Labeless: System for labels/comments synchronization with a debugger backend.
• Idadiff: A diffing tool using Machoc Hash.
• IDA Skin: Plugin providing advanced skinning support for IDA Pro utilizing Qt stylesheets, similar to CSS.
• Auto Re: Auto-renaming dummy-named functions, which have one API call or jump to the imported API.
• IDA IPython: An IDA Pro Plugin for embedding an IPython.
• IDA Sploiter: An exploit development and vulnerability research plugin.
• IDATropy: It is designed to generate charts of entropy and histograms using the power of idapython and matplotlib.
• IDA Patcher: It is designed to enhance IDA's ability to patch binary files and memory.
• IDAHunt: Analyze binaries with IDA Pro and hunt for things in IDA Pro.
• IDA for Delphi: IDA Python Script to Get All function names from Event Constructor (VCL).
• IDA ARM Highlight: Highlighting and decoding ARM system instructions.
• BinDiff: It is a comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code.
• Diaphora: It is a program diffing plugin for IDA, similar to Zynamics Bindiff.
• Yaco: Collaborative Reverse-Engineering for IDA.
• IDASignSrch: It can recognize tons of compression, multimedia and encryption algorithms and many other things like known strings and anti-debugging code.
• Findcrypt2: It searches constants known to be associated with cryptographic algorithm in the code.
• Driver Buddy: It assists with the reverse engineering of Windows kernel drivers.
• Heap Viewer: Used to examine the glibc heap, focused on exploit development.
• IDAScope: It consists of multiple tabs, containing functionality to achieve different goals such as fast identification of semantically interesting locations.
• HexRayPytools: Assist in the creation of classes/structures and detection of virtual tables.
• Ponce: Symbolic Execution just one-click away!
• idenLib.py: idenLib (Library Function Identification ) plugin for IDA Pro
• J.A.R.V.I.S A plugin for IDA Pro to assist you with the most common reversing tasks. It integrates with the (J.A.R.V.I.S) tracer.
• golang_loader_assist: Making GO reversing easier in IDA Pro
• FindYara: IDA python plugin to scan binary with yara rules.

x64dbg Plugins

• Checksec: x64dbg plugin to check security settings.
• ClawSearch: A memory scanner plugin for x64dbg, inspired by Cheat Engine.
• x64DBGPYLIB: Port of windbglib to x64dbgpy, in an effort to support mona.py in x64dbg.
• xAnalyzer: It is capable of doing various types of analysis over the static code of the debugged application to give more extra information to the user.
• x64DBGIDA: Official x64dbg plugin for IDA Pro.
• x64dbg Dark Theme: Simple dark theme.
• X64DBG YaraGen: Generate Yara rules from function basic blocks.
• Diff: Very simple plugin to diff a section in memory with a file.
• Unpacking Script: Unpacking script for x64dbg.
• Anti Anti: Open-source user-mode Anti-Anti-Debug plugin.
• ScyllaHide: https://github.com/x64dbg/ScyllaHide
• Highlightfish: Plugin to customize x64dbg.
• TitanHide: It is a driver intended to hide debuggers from certain processes.
• idenLibX: idenLib (Library Function Identification ) plugin for x32dbg/x64dbg

OllyDBG Plugins

• OllyDumpEx: This plugin is process memory dumper for OllyDbg.
• OllyDeobfuscator: Deobfuscator for Olly.
• Phantom: Anti anti-debug trick.
• TLSCatch 0.3: This plugin simply intercepts any new module loaded into the current process address space, searches it for TLS callbacks.
• AnalyzeThis: Assisting for unpacking.