Skip to content
/ IDA-WPP-Remover Public

Remove WPP calls from hexrays decompiled code

License

GPL-3.0 license
56 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

L4ys/IDA-WPP-Remover

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ida-plugin.json
ida-plugin.json
 
 
preview.gif
preview.gif
 
 
wpp_remover.py
wpp_remover.py
 
 

Repository files navigation

WPP Remover - IDA Plugin for Removing WPP Calls

Overview

WPP Remover is an IDA Pro plugin that removes Windows Performance Profiling (WPP) calls during decompilation, resulting in cleaner pseudocode for analysis.

Features

  • Removes WPP calls from Hex-Rays decompiler output
  • Only activates for Windows PE files

Installation

Method 1: Using hcli (Recommended)

hcli plugin install wpp-remover

Method 2: Manual Installation

  1. Download or clone this repository.
  2. Copy wpp_remover.py into your IDA plugins directory:
    • Windows: %APPDATA%\Hex-Rays\IDA Pro\plugins\
    • macOS/Linux: ~/.idapro/plugins/
  3. Restart IDA.

Usage

  • Plugin activates automatically for Windows PE files
  • Toggle on/off: Right-click in decompiled view → "Toggle WPP Remover"

How it Works

It uses a Hex-Rays microcode optimization pass to find calls to WPP_SF* functions and replace them with NOPs before pseudocode generation.

About

Remove WPP calls from hexrays decompiled code

Topics

ida-pro ida-plugin idapython hexrays

Resources

Readme

License

GPL-3.0 license
Activity

Stars

56 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases 1

v1.0.0 Latest
Jan 26, 2026

Packages

 
 
 

Contributors

Languages