First

The Function Identification and Recover Signature Tool (FIRST) developed by Talos, is an IDA Pro plugin that allows reverse engineers to more quickly complete static analysis. It makes finding similar functions faster and easier by removing the need to synchronize function metadata.

FIRST’s extensible framework allows users to submit function metadata to a repository and search the repository for function metadata similar to the function

Users can contribute function metadata and search for function metadata similar to the function(s) being analyzed in IDA. FIRST’s framework allows developers to create new ways to derive similarities between functions.

Save function metadata (name, prototype, and comment)
Provide way to find similar functions
Allow users to apply function metadata in IDA Pro
Reduce reverse engineering time

*Note - This project has been archived, and is kept only for reference purposes. It is not officially supported and the user assumes all liability for the use of this tool.

Intelligence Center

Vulnerability Research

Incident Response

Security Resources

Media

Company