Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Search the Community

Showing results for tags 'bindiffing'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
    • Pentesting Accounts
    • Reverse Engineering
  • Security & Anonymity
    • Security
    • Wireless Security
    • Web Security
    • Anonymity
  • Operating Systems | Hardware | Programs
    • Operating systems
    • Hardware
    • PC programs
    • iOS
    • Android
  • Graphic Design
    • Graphic Design
  • vBCms Comments
  • live stream tv
    • live stream tv
  • Marketplace
    • Sell
    • Services
    • Request
  • Pentesting Premium
    • Pentesting Accounts
  • Modders Section
    • Source Codes
    • Manuals | Videos
    • Tools
    • Others
  • PRIV8-Section
    • Exploits
    • Accounts|Dumps
    • Crypter|Binder|Bots
    • Tutorials|Videos
    • Cracked Tools
    • Make Money
    • More Tools
    • Databeses
    • Ebooks
  • Pentesting Zone PRIV8
    • Pentesting Accounts
    • Reverse Engineering
    • Cracker Preview Area
  • Carding Zone PRIV8
    • Carding
    • Phishing
    • Defacing
    • Doxing
    • Special User Premium Preview Area
  • Recycle Bin
    • Recycle
  • Null3D's Nulled Group

Product Groups

  • PRIV8
  • Advertising
  • Access Basic
  • Seller
  • Services

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me

Found 2 results

  1. Diaphora is a plugin for IDA Pro that aims to help in the typical BinDiffing tasks. It’s similar to other competitor products and open sources projects like Zynamics BinDiff, DarunGrim, or TurboDiff. However, it’s able to perform more actions than any of the previous IDA plugins or projects. Diaphora is distributed as a compressed file with various files and folders inside it. The structure is similar to the following one: diaphora.py: The main IDAPython plugin. It contains all the code of the heuristics, graphs displaying, export interface, etc… jkutils/kfuzzy.py: This is an unmodified version of the kfuzzy.py library, part of the DeepToad project, a tool and a library for performing fuzzy hashing of binary files. It’s included because fuzzy hashes of pseudo-codes are used as part of the various heuristics implemented. jkutils/factor.py: This is a modified version of a private malware clusterization toolkit based on graphs theory. This library offers the ability to factor numbers quickly in Python and, also, to compare arrays of prime factors. Diaphora uses it to compare fuzzy AST hashes and call graph fuzzy hashes based on small-primes-products (an idea coined and implemented by Thomas Dullien and Rolf Rolles first, authors or former authors of the Zynamics BinDiff commercial product, in their “Graph-based comparison of Executable Objects – Zynamics” paper). Pygments/: This directory contains an unmodified distribution of the Python pygments library, a “generic syntax highlighter suitable for use in code hosting, forums, wikis or other applications that need to prettify source code”. [hide][Hidden Content]]
  2. Diaphora is a plugin for IDA Pro that aims to help in the typical BinDiffing tasks. It’s similar to other competitor products and open sources projects like Zynamics BinDiff, DarunGrim, or TurboDiff. However, it’s able to perform more actions than any of the previous IDA plugins or projects. Diaphora is distributed as a compressed file with various files and folders inside it. The structure is similar to the following one: diaphora.py: The main IDAPython plugin. It contains all the code of the heuristics, graphs displaying, export interface, etc… jkutils/kfuzzy.py: This is an unmodified version of the kfuzzy.py library, part of the DeepToad project, a tool and a library for performing fuzzy hashing of binary files. It’s included because fuzzy hashes of pseudo-codes are used as part of the various heuristics implemented. jkutils/factor.py: This is a modified version of a private malware clusterization toolkit based on graphs theory. This library offers the ability to factor numbers quickly in Python and, also, to compare arrays of prime factors. Diaphora uses it to compare fuzzy AST hashes and call graph fuzzy hashes based on small-primes-products (an idea coined and implemented by Thomas Dullien and Rolf Rolles first, authors or former authors of the Zynamics BinDiff commercial product, in their “Graph-based comparison of Executable Objects – Zynamics” paper). Pygments/: This directory contains an unmodified distribution of the Python pygments library, a “generic syntax highlighter suitable for use in code hosting, forums, wikis or other applications that need to prettify source code”. Changelog v2.0.6 BUG: Do not crash when we cannot analyse one Diaphora SQLite database. BUG: Diaphora was incorrectly searching the pattern ‘{}’ instead of ‘[]’ for empty list field values. Fix for #219. GUI: When a reverser uses the “Diff pseudo-code” option and both codes are equal, show a warning message, but also show the diffing. HEUR: In heuristic “Call Address Sequence” use also the “Partial results” when the function name is the same. HEUR: Added heuristic “Same RVA”. Only matches with a minimum ratio of 0.7 will be considered. HEUR: Removed the “Slow” flag from the heuristic “Same Rare Constant”. HEUR: Use the 3 calculated fuzzy hashes in heuristic “Pseudo-code Fuzzy Hash”. HEUR: Moved heuristic “Similar Pseudo-code and Names” from the probably unreliable category to normal. HEUR: Removed wrong heuristics “Similar Small Pseudo-codes” and “Equal Small Pseudo-codes” because they caused a lot of false positives (heuristics for finding matches tend to fail with small functions, and these were no exception). Also, applied suggestion for issue #220. [hide][Hidden Content]]
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.