dump_all/load_all
set of 2 tools which tend to simplfy task when analyzing protection withmany many buffers used as anti-dump or a vm. dump_all.exe will dump all regions
from the target, and load_all.plw is an ida plugin which will load all of these
memory dumps into IDA database for easy analyze. Kinda usefull, as you don't
have to run you target several times to obtain dump of a needed memory buffer.
Note that it will dump everything, heap, stack, etc... and all dumps are loaded as
binary data file into ida. It's first release, and seems so far to work ok with all
tested binaries.
页:
[1]