Given an entry point EA(Effective address) (the first address of the program you want to start building call graph from) it will generate the call graph.
if __name__ == '__main__':
name, ea = getMainEntryPoint()
# ea = 4199680In case if you want to specify your own EA then simply uncomment the last line as shown in above snippet in main.py file.
- You have to open your PE file in the Portable Executable in IDAPro.
- Select the File > Script file option from menu bar.
- Browse to main.py file.
- This will simply execute the IDAPython script.
- The graph.json file will be generated in the same directory of your executable file.
- Make sure to create VirtualEnv if not already created.
- One created, active the virtualenv
.\venv\Scripts\activate- Install the requirements
pip install -r requirements.txt- Change the path of the file variable in CreateGraph.py file respectively.
file = "./graph.json"Here, graph.json file is present in current directory.
- Execute the script
python CreateGraph.pyThis will open the graph in the browser.
- IDAPython
- Malware Analysis
- Call Graph
Daud Ahmed (daudahmed@zoho.com)