rev
Reverse engineering helpers: CFG recovery, signature matching, decompilation hints.
Load with: use rev
Quick example
use rev
result = revcf("value")
prn(result)
Functions
Control flow graph
revcf(bp)
Performs the operation. Takes bp.
revcn(bp, addr)
Performs the operation. Takes bp, addr.
revcr(bp)
Creates a new instance. Takes bp.
Function identification
revfn(bp)
Finalises. Takes bp.
revfa(bp, addr)
Performs the operation. Takes bp, addr.
revfm(bp, nm)
Performs the operation. Takes bp, nm.
String extraction
revst(bp, ml)
Sets a value or starts a process. Takes bp, ml.
revsa(bp)
Performs the operation. Takes bp.
Cross references
revxr(bp, addr)
Performs the operation. Takes bp, addr.
revxm(bp, addrs)
Performs the operation. Takes bp, addrs.
Signature matching
revsl(dbp)
Performs the operation. Takes dbp.
revsm(bp, sig)
Performs the operation. Takes bp, sig.
revsc(bp, sigs)
Performs the operation. Takes bp, sigs.
Unpacking
revun(bp)
Performs the operation. Takes bp.
revpk(bp)
Performs the operation. Takes bp.
Decompilation hints
revde(bp, addr)
Decodes. Takes bp, addr.
Type inference
revty(bp, fa)
Performs the operation. Takes bp, fa.
Call graph
revcg(bp)
Performs the operation. Takes bp.
revcd(bp)
Performs the operation. Takes bp.
Import/Export tables
revim(bp)
Performs the operation. Takes bp.
revex(bp)
Executes. Takes bp.
Entropy analysis
reven(bp)
Encodes. Takes bp.
YARA-style rules
revyr(nm, patterns)
Performs the operation. Takes nm, patterns.
revym(bp, rule)
Performs the operation. Takes bp, rule.
Binary diffing
revbi(pa, pb)
Performs the operation. Takes pa, pb.
Notes
- Reverse engineering helpers. Use only on systems you own.