Analysis updated 2026-05-18
Automatically reverse engineer a suspicious executable to identify its purpose.
Extract network indicators like IPs and domains from a binary sample.
Get a ranked list of suspicious functions in a program for manual review.
| wpeace-hch/wpegpt-analyzer | sbousseaden/edrunchoker | zaxardery8011-design/soplint | |
|---|---|---|---|
| Stars | 36 | 35 | 39 |
| Language | PowerShell | PowerShell | PowerShell |
| Setup difficulty | hard | moderate | moderate |
| Complexity | 4/5 | 3/5 | 3/5 |
| Audience | researcher | ops devops | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires IDA 7.6+ with the WPeGPT plugin installed, Python 3, and Windows.
WPeGPT Analyzer is a portable skill that connects the IDA disassembler to a plugin called WPeGPT, so an AI agent can perform automatic reverse engineering analysis of executable files. It supports both PE and ELF binary formats and works with any AI agent system that can load this kind of skill file. The skill starts IDA automatically, drives it with the WPeGPT plugin, and produces a structured report about the file being examined. That report covers the likely purpose and behavior of the program, network indicators such as IP addresses, domains, URLs, and ports if any network activity is detected, a ranked list of suspicious functions with notes on why each stood out, and, in one of its modes, a vulnerability assessment with risk ratings. There are three analysis modes. The light mode, which is the default, does a broad scan plus analysis of key code paths and takes about two to five minutes. The full mode adds analysis of every function in the binary and takes ten to thirty minutes. The vuln mode focuses only on vulnerability analysis of key code paths and takes five to twenty minutes. To use it, someone needs IDA version 7.6 or later with the WPeGPT plugin already installed and working, Python 3 with the openai and httpx packages, and a Windows machine, since the launch scripts are PowerShell and Batch files. After installing the WPeGPT plugin into IDA's plugins folder and filling in a small config file with the IDA and Python paths, the skill can be added to an AI agent's skill directory. A person can then simply ask the agent to analyze a specific file, and it handles starting IDA, detecting the binary's architecture, running the scan, and summarizing the resulting report.
A skill that drives IDA and a WPeGPT plugin to automatically reverse engineer PE and ELF binaries and produce a structured analysis report.
Mainly PowerShell. The stack also includes IDA, Python, PowerShell.
Setup difficulty is rated hard, with roughly 1h+ to a first successful run.
Mainly researcher.
This repo across BitVibe Labs
Verify against the repo before relying on details.