Hacker News

Tiberium, today at 6:52 AM (0 replies)

Not yet, unfortunately, but I might in the future. To be honest, it's nothing unique. I got inspired by https://github.com/allthingsida/idasql which I initially used, but it had a lot of bugs, a big codebase size, and IDA's C++ API is really easy to misuse and corrupt a DB, so I had GPT 5.4/5.5 make a new one for itself based on IDA's Python SDK, which is official and doesn't need weird SQL hacks.

Then recently I found https://github.com/bkerler/ida_rpc which seems to be ~60% the same thing as the one I have, the only big difference is that I do not give any special commands to LLMs, they just have to write Python in scripts/inline heredocs to interact with IDA. This lets them do a lot more interesting things since they get a full programming language.

This is an example of how LLMs work with idagent (`ida` is implicitly imported; `ida.types` and `ida.comments` are the helper's own wrappers): https://paste.debian.net/hidden/cf46a122

A more interesting example that was used to let the LLM/me track the rename progress for the initial function renames + gaps (code-looking bytes that weren't inside of functions; IDA's autoanalysis missed some real functions). Although the game turned out to be small enough, with only ~1500 real game functions that needed renames, which was done in ~10 hours of agent time total I think (I didn't parallelize with multiple agents). https://paste.debian.net/hidden/bf458b3a

To be honest, you can probably have an agent vibecode a similar MVP tool to the one I have in about an hour or two :)