Scripts for Hopper Disassembler

Copyright (C) 2018-2019, 2023-2024, Daniel Roethlisberger.

Synopsis

make install
# check Scripts menu in Hopper

Description

Some of my Hopper scripts that are polished and general enough to be potentially useful to others. They used to run on Hopper 4 on macOS and Linux and are slowly being fixed for Hopper 5 and Python 3.

The scripts use a nicer wrapper API around the strictly procedural Hopper python API, otherwise the scripts are self-contained.

Scripts

• Analyze Shellcode - detect and annotate typical shellcode patterns:
  known code blocks, call import by hash, and call/pop reg
• Annotate Stack Strings in Selection - annotate plaintext and
  XOR-encrypted stack strings
• Annotate Yara Matches - apply a set of yara rules to the currently
  loaded document and annotate a summary of matching rules as well as each
  string occurence for matching rules
• Copy Selection As Python - copy bytes in current selection to the
  clipboard, in python syntax, with assembly code in comments
• Copy Selection As Yara - copy bytes in current selection to the
  clipboard, in yara syntax, with assembly code in comments
• File Offset Here - add a prefix comment with the file offset at the
  current cursor position
• Fix Imports By Ordinal - rename labels of imported functions by ordinal
  to their actual names
• Save Bytes From Here - carve and save an arbitrarily-sized blob of
  optionally XOR-decrypted bytes from the current cursor position to a file
• Save Selection As Bytes - carve and save an arbitrarily-sized blob of
  optionally XOR-decrypted bytes based on the current selection to a file

Support

There is no support whatsoever. No communication except in the form of pull requests fixing bugs or adding features. You are on your own.

License

Source code provided under a 2-clause BSD license.