This repository has been archived by the owner on Dec 4, 2024. It is now read-only.

FIRST Server BETA v0.0.2

@demonduck demonduck released this 11 Sep 12:59
· 49 commits to dev since this release

The Function Identification and Recovery Signature Tool (FIRST), developed by Talos, is an IDA Pro plugin that allows reverse engineers to complete static analysis more quickly. It makes finding similar functions faster and easier by removing the need to synchronize function metadata.

FIRST’s extensible framework allows users to submit function metadata to a repository and search the repository for function metadata similar to the function

Users can contribute function metadata and search for function metadata similar to the function(s) being analyzed in IDA. FIRST’s framework allows developers to create new ways to derive similarities between functions.

  • Save function metadata (name, prototype, and comment)
  • Provide a way to find similar functions
  • Allow users to apply function metadata in IDA Pro
  • Reduce reverse engineering time

Installation documentation can be found at http://first-server-dev.readthedocs.io

Notes

This version is still being developed, so this release is from the dev branch. The BasicMaskingEngine does not function the same way as in the previous version. A new version will be released once implemented and will be merged to master upon completion.

Change Log

  • Migration from MongoDB to Django ORM (this allows for users to select any backend DB supported by Django)
  • Migration from Distorm3 to Capstone (this will allow more flexibility for handling various architectures and platforms)
    • New Dependency: Capstone
  • Addition of user management shell
    • Manually add user to the system
    • Disable and enable user accounts
    • List basic user info (name, email, handle, creation date, activate account)
  • Added script to migrate existing data from MongoDB to Django ORM
  • Updated API key verification to require active account
  • Changed directory structure to enable FIRST core functionality to be located outside of Django Project or App
  • Added Engine App for user-created Engines
  • Added Disassembly class to abstract disassembly implementation and prevent several engines from disassembling the same code over