
http8080/headless-ida

Headless IDA

A CLI-based binary analysis system powered by idalib (the official Hex-Rays headless library), eliminating the need for the IDA Pro GUI.

AI assistants (Claude Code, Cursor, etc.) call ida_cli.py via shell to perform automated binary analysis; no MCP is required.

Architecture

User/AI → ida_cli.py → HTTP JSON-RPC → ida_server.py (idalib)
  • No MCP layer: pure HTTP JSON-RPC communication
  • Single-threaded HTTPServer: compliant with idalib's single-thread constraint
  • .i64 reuse: reloads in seconds for repeated analysis
  • Auth tokens: per-instance Bearer token auto-generation
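
The bullets above describe a single-threaded HTTP JSON-RPC endpoint guarded by a per-instance Bearer token. The sketch below is an added example, not code from ida_server.py or ida_cli.py; it shows token generation, constant-time verification and a method allowlist. The loopback bind, the / path, the ping method, the size limit and the names make_server and call are all assumptions.

```python
import hmac
import http.client
import json
import secrets
from http.server import BaseHTTPRequestHandler, HTTPServer

# Hypothetical allowlist; "exec" is absent, like the README's disabled-by-default exec.
METHODS = {"ping": lambda params: "pong"}
MAX_BODY = 1 << 20  # assumed request-size limit


def make_server(port=0):
    """Return (server, token): single-threaded, loopback-only, fresh token."""
    token = secrets.token_urlsafe(32)
    expected = b"Bearer " + token.encode()

    class Handler(BaseHTTPRequestHandler):
        def _reply(self, status, body):
            data = json.dumps(body).encode()
            self.send_response(status)
            self.send_header("Content-Type", "application/json")
            self.send_header("Content-Length", str(len(data)))
            self.end_headers()
            self.wfile.write(data)

        def do_POST(self):
            try:
                length = int(self.headers.get("Content-Length", "0"))
            except ValueError:
                length = -1
            if not 0 <= length <= MAX_BODY:
                return self._reply(413, {"error": "bad length"})
            raw = self.rfile.read(length)  # drain the body before answering
            supplied = self.headers.get("Authorization", "").encode()
            # Constant-time compare: no timing hint about how much matched.
            if not hmac.compare_digest(supplied, expected):
                return self._reply(401, {"error": "unauthorized"})
            try:
                req = json.loads(raw)
                rid, method = req.get("id"), req["method"]
            except (ValueError, KeyError, AttributeError, TypeError):
                return self._reply(400, {"error": "invalid request"})
            rpc = {"jsonrpc": "2.0", "id": rid}
            if not isinstance(method, str) or method not in METHODS:  # allowlist
                rpc["error"] = {"code": -32601, "message": "Method not found"}
            else:
                rpc["result"] = METHODS[method](req.get("params"))
            self._reply(200, rpc)

    # HTTPServer, not ThreadingHTTPServer: requests are served one at a time.
    return HTTPServer(("127.0.0.1", port), Handler), token


def call(port, token, method, params=None):
    """Client side: send one JSON-RPC request, return (http_status, body)."""
    payload = {"jsonrpc": "2.0", "id": 1, "method": method, "params": params}
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    try:
        conn.request("POST", "/", body=json.dumps(payload),
                     headers={"Authorization": f"Bearer {token}"})
        resp = conn.getresponse()
        return resp.status, json.loads(resp.read())
    finally:
        conn.close()
```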

Why No MCP?

This project intentionally uses plain HTTP JSON-RPC instead of MCP (Model Context Protocol).

Aspect             HTTP JSON-RPC (this project)                          MCP
Dependencies       Python stdlib only (http.server)                      MCP SDK + transport layer required
Debugging          curl one-liner testable                               Requires MCP-aware client
AI compatibility   Any AI with shell access (Claude Code, Cursor, etc.)  MCP-compatible clients only
Context window     Zero overhead: just bash commands                     Tool schemas loaded into AI context, consuming tokens
Script automation  Directly callable from bash/Python scripts            Requires MCP client library
Deployment         Single .py file, zero config                          Server manifest + schema registration needed
idalib constraint  Single-thread HTTPServer maps 1:1                     MCP async model conflicts with single-thread restriction

TL;DR: Any AI with shell access can use it immediately. No SDK, no schema registration, no token overhead.

Requirements

Component  Version
IDA Pro    9.1+ (idalib support required)
Python     3.12+
OS         Windows, Linux, macOS

Setup

Step 1. Install idalib Python package

pip install "<IDA_DIR>/idalib/python/idapro-*.whl"

The .whl file is included in your IDA Pro installation directory.

Step 2. Register IDA path (choose one)

# Option A: Run the activation script (recommended)
python "<IDA_DIR>/idalib/python/py-activate-idalib.py"

# Option B: Set environment variable
# Windows
set IDADIR=C:\Program Files\IDA Professional 9.3
# Linux/macOS
export IDADIR=/opt/ida-9.3

Step 3. Install dependencies

pip install requests psutil

Step 4. Verify and initialize

# Check environment
python tools/ida_cli.py --check

# Create working directories
python tools/ida_cli.py --init

Step 5. Configuration (optional)

Edit tools/config.json to set IDA path and other options:

{
  "ida": {
    "install_dir": "C:/Program Files/IDA Professional 9.3"
  },
  "paths": {
    "idb_dir": "%USERPROFILE%/.ida-headless/idb",
    "log_dir": "%USERPROFILE%/.ida-headless/logs"
  },
  "analysis": {
    "max_instances": 3
  }
}

Note: %USERPROFILE% is automatically mapped to $HOME on Linux/macOS. On Linux/macOS, set install_dir to your IDA path (e.g., /opt/ida-9.3).

Step 6. Global CLI (optional, recommended)

Add bin/ to your system PATH so you can run ida-cli from any directory:

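# Windows (PowerShell, permanent)
# Read the stored user-level Path so machine-level and session-only entries are not copied into it
$userPath = [Environment]::GetEnvironmentVariable("Path", "User")
[Environment]::SetEnvironmentVariable("Path", "$userPath;<headless-ida>\bin", "User")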

# Linux/macOS
echo 'export PATH="$PATH:<headless-ida>/bin"' >> ~/.bashrc
source ~/.bashrc

After this, you can use ida-cli instead of python tools/ida_cli.py from any directory.

Step 7. Test it works

# Start an instance with any binary
ida-cli start ./samples/target.exe --idb-dir .

# Check status
ida-cli list

# Stop
ida-cli stop <id>

If you see Instance started: id=xxxx and the instance appears in list, the setup is complete.

AI Integration

Once the environment is set up, AI assistants use ida_cli.py commands via shell. You don't need to memorize these; the AI handles it.

Claude Code

  1. Copy the skill file to your project:

     # Create the skill and tools directories
     mkdir -p .claude/commands tools

     # Copy skill file
     cp <headless-ida>/tools/ida_cli.py tools/
     cp <headless-ida>/.claude/commands/ida.md .claude/commands/

  2. Copy CLAUDE.md to your project root (AI reads this for command reference):

     cp <headless-ida>/CLAUDE.md .

  3. Use in Claude Code:

     /ida ./target.so

Claude will automatically start an instance, analyze the binary, and report findings.

Note: ida.md and CLAUDE.md are templates. Modify paths, analysis strategies, and options to fit your project and environment.

Other AI Tools (Cursor, GPT, etc.)

Any AI with shell/terminal access can call ida_cli.py directly. Add CLAUDE.md content to your AI's system prompt or project context so it knows the available commands.

Command Reference

Commands are primarily used by AI, listed here for reference.

Instance Management

Command         Description
start <binary>  Start analysis instance
stop <id>       Stop instance
restart <id>    Stop and re-start instance (same binary/IDB)
wait <id>       Wait for analysis to complete
list            List running instances
status [<id>]   Show instance status
logs <id>       View instance logs
cleanup         Remove stale instances

Analysis

Command                                          Description
functions                                        List functions
strings                                          List strings
imports / exports                                List imports/exports
segments                                         List segments
decompile <addr|name>                            Decompile function
decompile_batch <addrs>                          Batch decompile multiple functions
disasm <addr|name>                               Disassemble
xrefs <addr>                                     Cross-references
callers <addr>                                   Who calls this address (shortcut for xrefs --direction to)
callees <addr>                                   What this function calls (shortcut for xrefs --direction from)
find_func <name>                                 Search functions
func_info <addr|name>                            Function details
imagebase                                        Get image base address
bytes <addr> <size>                              Read raw bytes
find_pattern <hex>                               Byte pattern search
comments <addr>                                  Get comments at address
methods <class>                                  List class methods
summary                                          Comprehensive binary overview (segments, imports, functions, strings)
search-code <query>                              Search within decompiled pseudocode
cross-refs <addr> [--depth] [--direction]        Multi-level xref chain tracing (mermaid/DOT)
basic-blocks <addr> [--format] [--graph-only]    Basic blocks + CFG (Control Flow Graph)
func-similarity <addrA> <addrB>                  Compare function similarity metrics
strings-xrefs [--filter] [--min-refs]            Strings with referencing functions
data-refs [--segment] [--filter]                 Data reference analysis (global variables)
decompile-all --out <file> [--filter] [--split]  Decompile all functions to file (--split for one per file)
stack-frame <addr|name>                          Stack frame layout with local variables and offsets
switch-table <addr|name>                         Analyze switch/jump tables in a function
type-info list [--kind]                          List local types (typedef/funcptr/struct/enum)
type-info show <name>                            Show type details
diff <a> <b>                                     Compare functions between two instances
code-diff <inst_a> <inst_b>                      Diff decompiled pseudocode between instances
batch <dir>                                      Batch analyze all binaries in a directory
profile run malware                              Malware profile: C2, crypto, anti-analysis, network APIs
profile run vuln                                 Vulnerability profile: dangerous funcs (memcpy, strcpy, sprintf, system)
profile run firmware                             Firmware profile: peripherals (UART/SPI/GPIO), protocols, boot
bookmark add <addr> <tag>                        Tag an address with a bookmark
bookmark list [--tag]                            List bookmarks

Modification

Command                   Description
rename <addr> <name>      Rename symbol
rename-batch <file>       Batch rename from CSV (addr,name) or JSON file
set_type <addr> <type>    Set function/variable type
comment <addr> "text"     Add comment
save                      Save database
exec <expr>               Execute IDAPython expression (disabled by default)
patch <addr> <hex bytes>  Patch bytes at address
auto-rename [--apply]     Heuristic rename sub_ functions
shell                     Interactive IDA Python REPL

Structs & Types

Command                                       Description
structs list [--filter] [--count] [--offset]  List all structs/unions
structs show <name>                           Show struct details with members
structs create <name> --members               Create new struct
enums list [--filter] [--count] [--offset]    List all enumerations
enums show <name>                             Show enum details with members
enums create <name> --members                 Create new enum
search-const <value>                          Search for constant/immediate values
callgraph <addr> [--depth] [--format]         Generate function call graph (mermaid/DOT)
vtables [--min-entries]                       Detect virtual function tables
sigs list                                     List available FLIRT signatures
sigs apply <name>                             Apply FLIRT signature

Report & Export

Command                           Description
report <output.md>                Generate markdown analysis report
report <output.html>              Generate HTML analysis report
report <out> --functions <addrs>  Include function decompilations in report
decompile <addr> --out result.md  Decompile to markdown format
annotations export --out <file>   Export names/comments/types as JSON
annotations import <file>         Import annotations from JSON
snapshot save [--description]     Save IDB snapshot
snapshot list                     List available snapshots
snapshot restore <file>           Restore IDB from snapshot
export-script --out <file>        Generate reproducible IDAPython script
compare <binary_a> <binary_b>     Patch diff two binary versions
code-diff <inst_a> <inst_b>       Diff decompiled pseudocode between instances

Utilities

Command                                    Description
update                                     Self-update from git repository
completions --shell <bash|zsh|powershell>  Generate shell tab-completion script

Common Options

Option                    Description
--json                    JSON output
-i <id>                   Specify instance ID
-b <hint>                 Auto-select by binary name
--idb-dir <path>          Save IDB to specified directory (or set IDA_IDB_DIR env var)
--with-xrefs              Include callers/callees in decompile output
--raw                     Pure C code without header/address comments (decompile only)
--encoding unicode|ascii  Filter strings by encoding type
--count N / --offset N    Pagination for list commands (functions, strings, imports, exports)
--max N                   Limit results for search commands (find_func, find_pattern, search-const, etc.)
--filter <keyword>        Filter results by name substring
--count-only              Show only total count (functions/strings/imports/exports)
--version                 Show CLI version

Supported Formats

PE, ELF, Mach-O, FAT, .so, dylib, Raw binary, Intel HEX, SREC

Decompiler: x86/x64, ARM/ARM64, MIPS, PowerPC, RISC-V, V850, ARC

License

Apache License 2.0. See LICENSE.

A valid IDA Pro license is required separately. A Hex-Rays decompiler license is optional (required for decompile commands).


