anal
anal.a2fUse the new WIP analysis algorithm (core/p/a2f), anal.depth ignored atm Default is falseanal.afterjmpContinue analysis after jmp/ujmp Default is trueanal.archSelect the architecture to use Default is x86anal.armthumbaae computes arm/thumb changes (lot of false positives ahead) Default is falseanal.autonameAutomatically set a name for the functions, may result in some false positives Default is trueanal.bb.alignPossible space between basic blocks Default is 0x10anal.bb.maxsizeMaximum basic block size Default is 1024anal.brokenrefsFollow function references as well if function analysis was failed Default is falseanal.callsMake basic af analysis walk into calls Default is falseanal.cjmprefCreate references for conditional jumps Default is falseanal.cpp.abiSelect C++ ABI (Compiler) Default is itaniumanal.cpuSpecify the anal.cpu to use Default is x86anal.datarefsFollow data references for code coverage Default is falseanal.depthMax depth at code analysis Default is 16anal.endsizeAdjust function size at the end of the analysis (known to be buggy)anal.eobjmpjmp is end of block mode (option) Default is falseanal.esilUse the new ESIL code analysis Default is falseanal.fcnprefixPrefix new function names with this Default is fcnanal.fromLower limit on the address range for analysis Default is 0xffffffffffffffffanal.gpSet the value of the GP register (MIPS) Default is 0anal.gp2Set anal.gp before emulating each instruction (workaround) Default is falseanal.hasnextContinue analysis after each function Default is false-
anal.hasnextForces to find a function, after the end of a function. anal.hpskipSkipmov reg, regand `lea reg, [reg] at the beginning of functions Default is falseanal.inSpecify search boundaries for analysis Default is io.mapsanal.jmpaboveJump above function pointer Default is trueanal.jmprefCreate references for unconditional jumps Default is trueanal.jmptblAnalyze jump tables in switch statements Default is true-
anal.jmptblHelps in analyzing jump tables. Creates a new flags called switch and jmptbl -
anal.jmptblSet value to true before analysis to analyze jump tables. asciinema anal.limitsRestrict analysis to address range [anal.from Default is falseanal.maxreflinesMaximum number of reflines to be analyzed and displayed in asm.lines with pd Default is 0anal.noncodeAnalyze data as code Default is falseanal.nopskipSkip nops at the beginning of functions Default is trueanal.preludeSpecify an hexpair to find preludes in codeanal.ptrdepthMaximum number of nested pointers to follow in analysis Default is 3anal.pushretAnalyze push+ret as jmp Default is falseanal.recontEnd block after splitting a basic block instead of error Default is falseanal.refstrSearch string references in data references Default is falseanal.rnr(Recursive no return checks (EXPERIMENTAL)) Default is falseanal.sleepSleep N usecs every so often during analysis. Avoid 100% CPU usage Default is 0anal.splitSplit functions into basic blocks in analysis Default is trueanal.stringsIdentify and register strings during analysis (aar only) Default is false-
anal.stringsDisables bin.strings option. Only gets strings that are referenced by code anal.timeoutStop analyzing after a couple of seconds Default is 0anal.toUpper limit on the address range for analysis Default is 0xffffffffffffffffanal.varsAnalyze local variables and arguments Default is trueanal.vinfunSearch values in functions (aav) (false by default to only find on non-code) Default is trueanal.vinfunrangeSearch values outside function ranges (requires anal.vinfun=false) Default is false
anal.a2f anal.afterjmp anal.arch anal.armthumb anal.autoname anal.bb.align anal.bb.maxsize anal.bb.split anal.brokenrefs anal.calls anal.cjmpref anal.cpu anal.datarefs anal.depth anal.eobjmp anal.esil anal.fcnprefix anal.from anal.gp anal.hasnext anal.hpskip Skip mov reg, reg and anal.jmpabove anal.jmpref anal.jmptbl anal.limits anal.maxreflines anal.noncode anal.nopskip anal.prelude anal.ptrdepth anal.pushret anal.recont anal.refstr anal.sleep anal.split anal.strings anal.timeout anal.to anal.vars anal.vinfun anal.vinfunrange jump table