gitmyhub

ida_buddy

Python · ★ 33 · updated 6d ago

A command-line interface for IDA Pro that lets scripts and AI tools query and modify binary analysis databases without opening IDA's graphical interface.

Python · IDA Pro · idalib · setup: hard · complexity 4/5

IDA Pro is a professional program used by security researchers and engineers to examine compiled software, meaning programs distributed as binary files with no source code attached. This project, called idb (short for IDA Buddy), adds a command-line interface on top of IDA Pro so the analysis database can be queried and modified without opening IDA's graphical interface.

The main use case is automated or AI-driven analysis. When an AI assistant or script needs to inspect a compiled program step by step, it benefits from short, structured text output rather than a graphical window. idb keeps a persistent background worker open per database, so after you open a binary once you can run many follow-up queries in the same session without restarting IDA each time.

From the command line you can open a compiled file and see a triage summary, disassemble a specific function to read its machine instructions, decompile it to more readable pseudocode (using IDA's Hex-Rays add-on), dump raw memory bytes, search for symbol names, and trace which parts of the program call each other. Mutation commands let you rename addresses or variables, add comments, define new data types, and patch bytes in the database. Each mutation creates an undo point so changes can be rolled back.

Output goes to stdout; banners, errors, and truncation notices go to stderr. That separation keeps the two streams clean for scripts that parse the results. Addresses default to hexadecimal in WinDbg style, with a prefix for decimal input when needed.

Installing requires IDA Pro to be already installed and activated on the machine. Setup involves activating idalib, IDA's Python library interface, then installing idb via pip. The README shows the exact Windows commands. A built-in doctor command verifies the environment is ready.

Where it fits