ret-sync stands for Reverse-Engineering Tools SYNChronization. It is a set of plugins that help to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg/OllyDbg2/x64dbg) with a disassembler (IDA/Ghidra). The underlying idea is simple: take the best from both worlds (static and dynamic analysis).

Debuggers and dynamic analysis provide us with:
- local view, with live dynamic context (registers, memory, etc.)
- built-in specialized features/API (ex: WinDbg’s !peb, !drvobj, !address, etc.)

Disassemblers and static analysis provide us with:
- macro view over modules
- code analysis, signatures, types, etc.
- fancy graph view
- decompilation
- persistent storage of knowledge within IDBs/GPRs

Key features:
- synchronize graph and decompilation views with debugger’s state
- no need to deal with ASLR, addresses are rebased on-the-fly
- pass data (comment, command output) from the debugger to disassembler
- multiple IDBs/GPRs can be synced at the same time allowing to easily trace through multiple modules
- disassembler and debugger can be on different hosts / VMs