gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-31 07:01:02 -08:00
Code Issues Packages Projects Releases Wiki Activity

readme: add screenshot and text about the IDA plugin

Browse Source
This commit is contained in:
Willi Ballenthin
2020-07-14 11:04:08 -06:00
committed by GitHub
parent 3920a1f37c
commit cc2777cd57
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@@ -140,6 +140,12 @@ rule:
The [github.com/fireeye/capa-rules](https://github.com/fireeye/capa-rules) repository contains hundreds of standard library rules that are distributed with capa.
Please learn to write rules and contribute new entries as you find interesting techniques in malware.
If you use IDA Pro, then you use can use the [IDA Pro plugin for capa](./capa/ida/ida_capa_explorer.py).
This script adds new user interface elements to IDA, including an interactive tree view of rule matches and their locations within the current database.
As you select the checkboxes, the plugin will highlight the addresses associated with the features.
We use this plugin all the time to quickly jump to interesting parts of a program.
![capa + IDA Pro integration](.github/capa-ida.jpg)
# further information
## capa
- [doc/installation](doc/installation.md)