制作IDA签名库的工具。
FLAIR -- Fast Library Acquisition for Identification and Recognition
===================================================
FLAIR utilities allow you to create your own signature files from
OBJECT or LIBRARY files for IDA Pro v3.8 or higher.
FLAIR consists of the following executables:
plb parselib processes OMF libraries and creates PAT file
pcf parsecoff processes COFF libraries and creates PAT file
pelf parseelf processes ELF libraries and creates PAT file
ppsx parsepsx processes PSX libraries and creates PAT file (Sony Playstation)
ptmobj parsetobj processes Trimedia libraries .... .... ....
pomf166 Keil C166 object files (old format)
sigmake sigmake takes PAT files as input and creates SIG file
zipsig zipsig compresses and uncompresses SIG files
dumpsig dumpsig dumps contents of SIG file in a text form.
Typical scenario of a signature creation is:
- run a parser and create pattern (PAT) files
- run sigmake and get EXC file with collisions
- edit EXC file and resolve collisions
- run sigmake again and get SIG file
- repeat the above 2 steps till collisions exist
- run zipsig and get compressed SIG file
下载地址:
http://u.115.com/file/bhnji82s#
Flair.v5.20.rar
已经有(1)位网友发表了评论,你也评一评吧!
原创文章如转载,请注明:转载自Eddy Blog
原文地址:http://www.rrgod.com/j-software/778.html 欢迎订阅Eddy Blog。
这个工具已经升到5.2啊