Trochu star?í zále?itost ov?em pro ty kdo chtějí částečně nahradit některý IDA fce v Olly doporučuju.
This plug-in consist of 5 handy tools:
1. Map loader
2. Resource viewer
3. Process info
4. IDA signature loader
5. Notepad
1. Map loader - use it for loading map files produced by compiler or by
IDA. You can use it to load label names and/or to load comments from .map file. There is no any checking if map file match currently debugged process.
2. Resource viewer - use it for looking to your resources ;-) This is
probably only viewer which works through direct memory access - means that you can even look to resources of compressed (protected) executables.
NOTE: Still in experimental phase.
3. Process info - Give you basic information about process + try to
recognize compiler and protection mechanism. . Process info use signature file
signs.txt from PE tools v1.5 (NEOx, .Cryorb) Fell free to add your own
signatures and share it with us.
4. IDA signature loader - probably mostly wanted add on for Olly debugger - now you can use IDA signature without IDA ;-) Just look to process info - find your compiler and select and apply matching IDA signature. It's not problem if you apply wrong one, you can apply another also. Only what you must do is to set proper path to IDA signatures, and you need sigdump.exe file from IDA resource kit.
5. Notepad - Simple but smart notepad which load your notes per process automatically every time.
