About This File

xAnalyzer is a plugin for the x86/x64 x64dbg debugger by @mrexodia. It is based on the APIInfo plugin by @mrfearless, with some improvements and additions. xAnalyzer can perform several types of analysis over the static code of the debugged application to give the user extra information. The plugin performs extensive detection of API function calls and adds function definitions, arguments and data types, as well as other complementary information, something close to what you get with the OllyDbg analysis engine, so that the code is more comprehensible before the user starts debugging.

Features

Some of the main features and improvements include:

  • Extended function call analysis (over 13,000 API definitions from almost 200 DLLs)
  • Recognition of defined and generic functions, arguments, data types and additional debugging info.
  • Automatic loop detection.
  • User-maintained definition files

Before xAnalyzer

[Image: before_analysis.png]

After xAnalyzer

[Image: after_analysis.png]

Analyze Selection

Select several instructions in the disassembly window of x64dbg and choose this menu entry to run a fast analysis over the selected lines. You can also launch this option with the command xanal selection, or set your own hotkey for it in the x64dbg GUI.

[Image: selection_analysis.gif]

Analyze Function

If you are in the middle of a function, you can use this menu entry to analyze that entire function and only that function. Taking your single selected instruction as a reference, xAnalyzer processes all the lines inside that block of code from there. You can also launch this type of analysis with the command xanal function, or set your own hotkey for it in the x64dbg GUI.

[Image: function_analysis.gif]

Analyze Module

This command launches a full analysis over the entire module. The depth of the analysis depends on the Extended Analysis option. You can also run it with the command xanal module, or set your own hotkey for it in the x64dbg GUI.

Remove Analysis Menus

These menus do the opposite of the previous commands: use them to remove the extra analysis information from some parts of the code or from the entire executable. You can also use the commands: xanalremove selection/function/module

