Current Version: IDA v6.9 (21.12.2015)
\nCurrent Version: IDA v7.0.1 (18.09.2018)<\/p>\n
Currently IDA Pro is a 32-bit application. One year later (in the first quarter of 2017) we will switch to 64-bit. Please note that this means that IDA Pro will not run on 32-bit systems after the transition.<\/p><\/blockquote>\n
News<\/a> (like current version)
\nExecutive Summary: IDA Pro \u2013 at the cornerstone of IT security<\/a>
\nWhat is IDA Pro?<\/p>\n\n
- IDA Pro is a disassembler<\/li>\n
- IDA Pro is a debugger<\/li>\n
- IDA Pro is interactive<\/li>\n
- IDA Pro is programmable<\/li>\n<\/ul>\n
How is IDA Pro useful?<\/p>\n
\n
- Hostile Code analysis<\/li>\n
- Vulnerability research<\/li>\n
- COTS validation<\/li>\n
- Privacy protection<\/li>\n<\/ul>\n
Debugger<\/h3>\n
Host:<\/p>\n
\n
- Windows<\/li>\n
- Linux<\/li>\n
- Mac OS X<\/li>\n<\/ul>\n
Target:<\/p>\n
\n
- Windows<\/li>\n
- Linux<\/li>\n
- Mac OS X<\/li>\n<\/ul>\n
Debugger<\/p>\n
\n
- Remote GDB debuggger<\/li>\n
- Remote Linux debugger<\/li>\n
\n
Remote Linux debugger:
\nRemote debugging with IDA PRO 7.0<\/a><\/p>\n\r\nC:\\Program Files\\IDA 7.0\\dbgsrv\r\n<\/pre>\nDecompiler (Binary => C Code)<\/p>\n
\n
- x86 decompiler (32-bit code)<\/li>\n
- x64 decompiler (64-bit code)<\/li>\n
- ARM decompiler (32-bit code)<\/li>\n
- ARM64 decompiler (64-bit code)<\/li>\n<\/ul>\n
IDA Pro Book, 2nd Edition<\/a>, No Starch Press<\/p>\n
Hex-Rays IDA<\/a>
\nHex-Rays IDA Order<\/a><\/p>\nDocuments<\/h3>\n
Digital Genome Mapping – Advanced Binary Malware Analysis<\/a>, PDF<\/p>\n
Books<\/h3>\n
\n
- Practical Malware Analysis, 2012, Michael Sikorski, Andrew Honig<\/li>\n
- The IDA Pro book, 2008, Chris Eagle<\/li>\n
- Reverse Engineering Code with IDA Pro, Justin Ferguson, Jason Larsen, Luis Miras, Walter Pearce<\/li>\n<\/ul>\n
Blog<\/h3>\n
HexBlog<\/a><\/p>\n
Installing IDA 6.9 on Linux<\/a>
\nDecompilation gets real<\/a><\/p>\nDevelopers<\/h3>\n
\n
- Ilfak Guilfanov (Wikipedia<\/a>)<\/li>\n
- Igor Skochinsky<\/li>\n
- Arnaud Diederen<\/li>\n<\/ul>\n
Keyboard Shortcuts<\/h3>\n
\r\nEnter = Jump to operand\r\nCtrl-X = List Cross-Reference\r\n<\/pre>\nContest<\/h3>\n
Hex-Rays Context Results<\/a><\/p>\n
Plug-Ins<\/h3>\n
Unicorn – The ultimate CPU emulator<\/a>
\nUnicorn & QEMU<\/a>
\ngithub.com\/cseagle\/sk3wldbg<\/a>, Debugger plugin for IDA Pro backed by the Unicorn Engine
\ngithub.com\/alexhude\/uEmu<\/a>, Tiny cute emulator plugin for IDA based on unicorn
\ngithub.com\/unicorn-engine\/unicorn\/tree\/master\/qemu<\/a><\/p>\nCPU Emulators<\/h3>\n
\n
- Unicorn, Next Generation CPU Emulator (fork of QEMU)<\/li>\n
- QEMU<\/li>\n
- libemu<\/li>\n
- PyEmu<\/li>\n
- IDA-x86emu<\/li>\n
- libCPU<\/li>\n<\/ul>\n
Re-Assembler<\/h3>\n
Recompile the asm file IDA pro created<\/a>
\ngenerate_nasm.idc<\/a>
\nIDA pro asm instructions change<\/a>
\nWhy there are not any disassemblers that can generate re-assemblable asm code?<\/a>
\nModifying and Saving in IDA<\/a><\/p>\n\n
- OllyDBG<\/a> (Wikipedia<\/a>)<\/li>\n
- LordPE<\/a><\/li>\n
- GNU Binutils objdump<\/a><\/li>\n
- objconv<\/li>\n<\/ul>\n
Modify Assembler<\/h3>\n
Applied IDA Pro: Part 1 – Applied Cracking & Byte Patching with IDA Pro<\/a>
\nApplied IDA Pro: Part 2 – Applied Reverse Engineering with IDA Pro<\/a><\/p>\nOllyDBG<\/h3>\n
OllyDBG<\/a><\/p>\n
Other debuggers<\/h3>\n
Is there any disassembler to rival IDA Pro?<\/a>
\nbest alternatives to IDA, Immunity and Ollydbg<\/a>
\nx64dbg<\/a> (Github<\/a>)
\nradare2<\/a> (Github<\/a>)
\nBokken<\/a> (GUI for Radare2)
\nSnowman<\/a> (Github<\/a>)
\nVdb \/ Vivisect<\/a> (Github<\/a>)<\/p>\n","protected":false},"excerpt":{"rendered":"Current Version: IDA v6.9 (21.12.2015) Current Version: IDA v7.0.1 (18.09.2018) Currently IDA Pro is a 32-bit application. One year later (in the first quarter of 2017) we will switch to 64-bit. Please note that this means that IDA Pro will not run on 32-bit systems after the transition. News (like current version) Executive Summary: IDA […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5006","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/5006","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5006"}],"version-history":[{"count":21,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/5006\/revisions"}],"predecessor-version":[{"id":8371,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/5006\/revisions\/8371"}],"wp:attachment":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5006"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5006"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5006"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}