Feature request: programmatic access to vtable data (JSON export) #5
Description
Problem
VTableExplorer does excellent vtable analysis, but the results are only accessible through the GUI chooser. There's no way to programmatically access vtable data from IDAPython scripts or external tools.
Use cases
- Scripted analysis: iterate over all vtables and their entries from IDAPython without clicking through the GUI
- External tooling: export vtable data for use in other RE tools, documentation generators, or decompiler plugins
- MCP integration: expose vtable data to AI-assisted reverse engineering tools via the Model Context Protocol. An MCP server for IDA can call these IDC functions to give LLMs structured access to vtable/inheritance data, enabling AI-assisted class hierarchy analysis
- Batch processing: annotate or compare vtables across multiple binaries in automated workflows
Proposed solution
Register IDC functions that return JSON strings, callable from IDAPython via idc.eval_idc(). This is zero-copy, in-process, and requires no file I/O or network sockets.
4 functions:
| Function | Description |
|---|---|
VTableExplorer_Scan() |
Returns all discovered vtables with class names, function counts, inheritance info |
VTableExplorer_Entries(addr) |
Returns per-slot entries for a specific vtable |
VTableExplorer_Compare(derived, base) |
Compares two vtables (inherited/overridden/new) |
VTableExplorer_Hierarchy(class_name) |
Returns ancestors and descendants for a class |
Example usage:
import idc, json
vtables = json.loads(idc.eval_idc("VTableExplorer_Scan()"))
for vt in vtables:
print(f"{vt['class_name']} @ {vt['address']} ({vt['func_count']} funcs)")
entries = json.loads(idc.eval_idc(f"VTableExplorer_Entries({vtables[0]['address']})"))
for e in entries['entries']:
print(f" [{e['index']}] {e['func_name']}")I've already implemented this and will be submitting a PR shortly. If you're happy with the approach, I'd love to get it merged — it would allow me to build MCP server integration on top of it for AI-assisted reverse engineering workflows.
Also includes a CMakeLists.txt for native Windows MSVC builds, an IDAPython convenience wrapper, and a test script.