Ablation
Ablation is a tool for augmenting static analysis by extracting information at runtime and importing it into IDA. It can resolve virtual calls, reveal interesting code, exclude heavily traversed regions, identify untested or undocumented features, visually diff samples, or perform root cause analysis simply by running samples. My favourite, however, is the virtual call resolution with fully interactive x-refs. It's simple, elegant, and disassembled C++ reads like C! It helps me time and time again.
# Ablation
Jump Start Tutorial: BH16USA-PDF-16x9-PMEHTA-Ablation-Tutorial.pdf
Ablation is a tool for augmenting static analysis by extracting information at runtime and importing it into IDA.
- Resolve virtual calls.
- Maximize code audits by revealing interesting code.
- Exclude heavily traversed regions.
- Identify untested or undocumented features.
- Visually diff samples.
- Perform root cause analysis simply by running samples.
My favourite, however, is the virtual call resolution with fully interactive x-refs. It's simple, elegant, and disassembled C++ reads like C! It helps me time and time again.
Ablation helps you focus on the research.
