Feature Request: Auto Create Struct for Consecutive Functions/Hashes #50

@emtuls

Hello! Thank you for this plugin as I find it very useful. I wanted to suggest a feature that I think may be useful and hopefully not too difficult to add.

Sometimes there are a lot of hashes near each other that can be resolved in a single swoop, which you have noted and created the ability to resolve all of them, which is really nice. But when these get used in malware, there is often an API_Struct of a sort that gets passed around using them. It would be nice to be able to have a struct that is generated that contains the resolved functions so that it can be applied to where this occurs.

An example can be seen towards the middle/bottom of this blog post where it talks about Create Struct: https://www.mandiant.com/resources/blog/precalculated-string-hashes-reverse-engineering-shellcode

This does not need to be anything beyond a simple struct with names, but an addition that could improve it even further might be something like incorporating the function prototypes for each resolved function so that the arguments can be populated as comments. This can sort of be seen in this blog post here about an IDA Plugin called StructTyper: https://www.mandiant.com/resources/blog/function-prototypes-indirect-calls
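
The struct generation requested above, sketched as an added example that is not part of the original post or the plugin's code. It takes the offsets at which consecutive hashes were resolved and emits a C declaration that preserves the layout, including gaps and unresolved slots. The function name `build_api_struct`, the 4-byte pointer size, and all sample hashes and offsets are assumptions constructed for illustration.

```python
# Added example: build a C struct declaration from consecutively resolved API hashes.
# Hash values, offsets and the helper name are constructed; no real hash algorithm is used.

def build_api_struct(entries, struct_name="API_Struct", ptr_size=4):
    """entries: iterable of (offset, hash_value, resolved_name or None).

    Returns C source for a struct whose members sit at the same offsets as
    the resolved function pointers, so the type can be applied wherever the
    pointer table is passed around.
    """
    lines = [f"struct {struct_name} {{"]
    seen = {}      # member name -> times used, to keep names unique
    cursor = 0     # next free byte offset inside the struct
    for offset, hash_value, name in sorted(entries, key=lambda e: e[0]):
        if offset < cursor:
            raise ValueError(f"overlapping entry at offset {offset:#x}")
        if offset % ptr_size:
            raise ValueError(f"misaligned entry at offset {offset:#x}")
        if offset > cursor:
            # Slots that were skipped: pad so later members keep their offsets.
            lines.append(f"    unsigned char gap_{cursor:X}[{offset - cursor}];")
        # An unresolved hash still gets a labelled member at its offset.
        base = name if name else f"unresolved_{hash_value:08X}"
        count = seen.get(base, 0)
        seen[base] = count + 1
        member = base if count == 0 else f"{base}_{count}"
        lines.append(f"    void *{member};  // {offset:#04x} hash {hash_value:#010x}")
        cursor = offset + ptr_size
    lines.append("};")
    return "\n".join(lines)


# Constructed sample: five slots, one gap at 0x08, one unresolved hash, one duplicate.
SAMPLE = [
    (0x00, 0x11111111, "LoadLibraryA"),
    (0x04, 0x22222222, "GetProcAddress"),
    (0x0C, 0x33333333, "VirtualAlloc"),
    (0x10, 0x44444444, None),
    (0x14, 0x11111111, "LoadLibraryA"),
]

if __name__ == "__main__":
    print(build_api_struct(SAMPLE))
```

Replacing `void *` with each function's real prototype would give the argument annotations mentioned in the last paragraph of the request; that needs a prototype source this sketch does not include.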
