An advanced IDA Pro plugin offering decryption, deobfuscation, patching, and pseudocode transformations to enhance malware analysis.
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
This tool is primarily used by malware analysts and reverse engineers to simplify the analysis of obfuscated or encrypted binaries within IDA Pro. It automates complex tasks like decryption and code recognition, enabling faster and more effective forensic investigations.
Requires a licensed copy of IDA Pro to function. Best used by users familiar with IDA Pro and reverse engineering concepts. Some features may require manual intervention or configuration for optimal results.
Clone the repository: git clone https://github.com/KasperskyLab/hrtng.git
Copy the plugin files to the IDA Pro plugins directory
Restart IDA Pro to load the plugin
Refer to the documentation for any dependencies or configurationUse plugin menu inside IDA Pro to access decryption and deobfuscation features
Invokes the plugin's GUI to apply transformations and patches interactively
Apply pseudocode transformations via plugin options
Transforms the disassembled code to more readable pseudocode