gitmyhub

iida-dfs

Python ★ 20 updated 14d ago

Machine-learning-based function similarity analysis that helps you quickly locate matching functions across different versions of x64 binaries.

An IDA Pro plugin that uses machine learning to find matching functions between two binary files, letting you carry over function labels from an old version of a program to a newer one automatically.

Python, IDA Pro, ONNX Runtime, NumPy; setup: moderate; complexity 3/5

This is a plugin for IDA Pro, a tool that security researchers and reverse engineers use to examine compiled programs (binaries) without access to their source code. The plugin's job is to help you find functions in one binary that match functions in another binary, even when the two binaries are different versions of the same software.

The README is written in Chinese and describes a machine-learning approach. A pre-trained model converts each function in a binary into a numeric representation, then compares those representations to find close matches across files. The typical scenario is: you have already analyzed an older version of a program and labeled its functions, and now you want to carry those labels over to a newer version automatically.

The workflow has two steps. In the first binary you export a function's data to the clipboard via the plugin menu. In the second binary you run a match operation using that clipboard data, set how many candidate matches to show, and wait for results. The plugin runs entirely on CPU, peaking at around 1100 MB of memory on files with 40,000 functions.

Installation means copying the plugin file into IDA's plugins folder and installing two Python packages (numpy and onnxruntime). The README notes the model was trained on roughly 1,100 samples and is presented as a proof of concept rather than a production-grade tool. The author does not plan active maintenance.

Where it fits