1. Map loader
2. Resource viewer
3. Process info
4. IDA signature loader
5. Notepad
1. Map loader - use it for loading map files produced by compiler or by
IDA. You can use it to load label names and/or to load comments from .map file.
There is no any checking if map file match currently debugged process.
2. Resource viewer - use it for looking to your resources ;-) This is
probably only viewer which works through direct memory access - means that you
can even look to resources of compressed (protected) executables.
NOTE: Still in experimental phase.
3. Process info - Give you basic information about process + try to
recognize compiler and protection mechanism. . Process info use signature file
signs.txt from PE tools v1.5 (NEOx, .Cryorb) Fell free to add your own
signatures and share it with us.
4. IDA signature loader - probably mostly wanted add on for Olly debugger -
now you can use IDA signature without IDA ;-) Just look to process info - find
your compiler and select and apply matching IDA signature. It's not problem if
you apply wrong one, you can apply another also. Only what you must do is to set
proper path to IDA signatures, and you need sigdump.exe file from IDA resource
kit.
5. Notepad - Simple but smart notepad which load your notes per process
automatically every time.
xiexie!!
it is very useful to load ida sig file to analy file,as we know ,ida is very power,but it analy file very slower.and many tools (eg. flexlm ,dongle.....was maked sig by cracker,so......)