Overview

IDA Pro is a commercial disassembler and debugger used by reverse engineers to dissect compiled computer programs, and is the industry standard tool for analysis of hostile code. The IDA Pro Book provides a comprehensive, top-down overview of IDA Pro and its use for reverse engineering software. Author Chris Eagle, a recognized expert in the field, takes readers from the basics of disassembly theory to the complexities of using IDA Pro in real-world situations. Topics are introduced in the order most frequently encountered, allowing experienced users to easily jump in at the most appropriate point. Eagle covers a variety of real-world reverse engineering challenges and offers strategies to deal with them, such as disassembly manipulation, graphing, and effective use of cross references. This second edition of The IDA Pro Book has been completely updated and revised to cover the new features and cross-platform interface of IDA Pro 6.0. Other additions include expanded coverage of the IDA Pro Debugger, IDA Python, and the IDA Pro SDK.

Full Product Details

Author: Chris Eagle
Publisher: No Starch Press, US
Imprint: No Starch Press, US
Edition: 2nd New edition
Dimensions: Width: 17.80cm, Height: 3.60cm, Length: 23.40cm
Weight: 1.162kg
ISBN: 9781593272890
ISBN 10: 1593272898
Pages: 672
Publication Date: 11 July 2011
Audience: Professional and scholarly, Professional & Vocational
Format: Paperback
Publisher's Status: Active
Availability: In Print

This item will be ordered in for you from one of our suppliers. Upon receipt, we will promptly dispatch it out to you. For in store availability, please contact us.
Table of Contents

PRAISE FOR THE FIRST EDITION OF THE IDA PRO BOOK; Dedication; Acknowledgments; Introduction

Introduction to IDA
Chapter 1: Introduction to Disassembly; 1.1 Disassembly Theory; 1.2 The What of Disassembly; 1.3 The Why of Disassembly; 1.4 The How of Disassembly; 1.5 Summary
Chapter 2: Reversing and Disassembly Tools; 2.1 Classification Tools; 2.2 Summary Tools; 2.3 Deep Inspection Tools; 2.4 Summary
Chapter 3: IDA Pro Background; 3.1 Hex-Rays' Stance on Piracy; 3.2 Obtaining IDA Pro; 3.3 IDA Support Resources; 3.4 Your IDA Installation; 3.5 Thoughts on IDA's User Interface; 3.6 Summary

Basic IDA Usage
Chapter 4: Getting Started with IDA; 4.1 Launching IDA; 4.2 IDA Database Files; 4.3 Introduction to the IDA Desktop; 4.4 Desktop Behavior During Initial Analysis; 4.5 IDA Desktop Tips and Tricks; 4.6 Reporting Bugs; 4.7 Summary
Chapter 5: IDA Data Displays; 5.1 The Principal IDA Displays; 5.2 Secondary IDA Displays; 5.3 Tertiary IDA Displays; 5.4 Summary
Chapter 6: Disassembly Navigation; 6.1 Basic IDA Navigation; 6.2 Stack Frames; 6.3 Searching the Database; 6.4 Summary
Chapter 7: Disassembly Manipulation; 7.1 Names and Naming; 7.2 Commenting in IDA; 7.3 Basic Code Transformations; 7.4 Basic Data Transformations; 7.5 Summary
Chapter 8: Datatypes and Data Structures; 8.1 Recognizing Data Structure Use; 8.2 Creating IDA Structures; 8.3 Using Structure Templates; 8.4 Importing New Structures; 8.5 Using Standard Structures; 8.6 IDA TIL Files; 8.7 C++ Reversing Primer; 8.8 Summary
Chapter 9: Cross-References and Graphing; 9.1 Cross-References; 9.2 IDA Graphing; 9.3 Summary
Chapter 10: The Many Faces of IDA; 10.1 Console Mode IDA; 10.2 Using IDA's Batch Mode; 10.3 Summary

Advanced IDA Usage
Chapter 11: Customizing IDA; 11.1 Configuration Files; 11.2 Additional IDA Configuration Options; 11.3 Summary
Chapter 12: Library Recognition Using FLIRT Signatures; 12.1 Fast Library Identification and Recognition Technology; 12.2 Applying FLIRT Signatures; 12.3 Creating FLIRT Signature Files; 12.4 Summary
Chapter 13: Extending IDA's Knowledge; 13.1 Augmenting Function Information; 13.2 Augmenting Predefined Comments with loadint; 13.3 Summary
Chapter 14: Patching Binaries and Other IDA Limitations; 14.1 The Infamous Patch Program Menu; 14.2 IDA Output Files and Patch Generation; 14.3 Summary

Extending IDA's Capabilities
Chapter 15: IDA Scripting; 15.1 Basic Script Execution; 15.2 The IDC Language; 15.3 Associating IDC Scripts with Hotkeys; 15.4 Useful IDC Functions; 15.5 IDC Scripting Examples; 15.6 IDAPython; 15.7 IDAPython Scripting Examples; 15.8 Summary
Chapter 16: The IDA Software Development Kit; 16.1 SDK Introduction; 16.2 The IDA Application Programming Interface; 16.3 Summary
Chapter 17: The IDA Plug-in Architecture; 17.1 Writing a Plug-in; 17.2 Building Your Plug-ins; 17.3 Installing Plug-ins; 17.4 Configuring Plug-ins; 17.5 Extending IDC; 17.6 Plug-in User Interface Options; 17.7 Scripted Plug-ins; 17.8 Summary
Chapter 18: Binary Files and IDA Loader Modules; 18.1 Unknown File Analysis; 18.2 Manually Loading a Windows PE File; 18.3 IDA Loader Modules; 18.4 Writing an IDA Loader Using the SDK; 18.5 Alternative Loader Strategies; 18.6 Writing a Scripted Loader; 18.7 Summary
Chapter 19: IDA Processor Modules; 19.1 Python Byte Code; 19.2 The Python Interpreter; 19.3 Writing a Processor Module Using the SDK; 19.4 Building Processor Modules; 19.5 Customizing Existing Processors; 19.6 Processor Module Architecture; 19.7 Scripting a Processor Module; 19.8 Summary

Real-World Applications
Chapter 20: Compiler Personalities; 20.1 Jump Tables and Switch Statements; 20.2 RTTI Implementations; 20.3 Locating main; 20.4 Debug vs. Release Binaries; 20.5 Alternative Calling Conventions; 20.6 Summary
Chapter 21: Obfuscated Code Analysis; 21.1 Anti–Static Analysis Techniques; 21.2 Anti–Dynamic Analysis Techniques; 21.3 Static De-obfuscation of Binaries Using IDA; 21.4 Virtual Machine-Based Obfuscation; 21.5 Summary
Chapter 22: Vulnerability Analysis; 22.1 Discovering New Vulnerabilities with IDA; 22.2 After-the-Fact Vulnerability Discovery with IDA; 22.3 IDA and the Exploit-Development Process; 22.4 Analyzing Shellcode; 22.5 Summary
Chapter 23: Real-World IDA Plug-ins; 23.1 Hex-Rays; 23.2 IDAPython; 23.3 collabREate; 23.4 ida-x86emu; 23.5 Class Informer; 23.6 MyNav; 23.7 IdaPdf; 23.8 Summary

The IDA Debugger
Chapter 24: The IDA Debugger; 24.1 Launching the Debugger; 24.2 Basic Debugger Displays; 24.3 Process Control; 24.4 Automating Debugger Tasks; 24.5 Summary
Chapter 25: Disassembler/Debugger Integration; 25.1 Background; 25.2 IDA Databases and the IDA Debugger; 25.3 Debugging Obfuscated Code; 25.4 IdaStealth; 25.5 Dealing with Exceptions; 25.6 Summary
Chapter 26: Additional Debugger Features; 26.1 Remote Debugging with IDA; 26.2 Debugging with Bochs; 26.3 Appcall; 26.4 Summary

Using IDA Freeware 5.0; Restrictions on IDA Freeware; Using IDA Freeware
IDC/SDK Cross-Reference

Reviews

"Chris proves again his captivating and informative writing style. We highly recommend this book." —Hex Blog
"The IDA Pro Book, 2nd Edition is an excellent book." —Richard Bejtlich, TaoSecurity
"The additions made to the book have made an excellent resource even better." —The Ethical Hacker Network
"If you are serious about mastering IDA Pro, this is the only book that you need." —Hack in the Box Magazine
"This is the manual you need if you use IDA Pro for fun or profit." —Secret Diabolical Workshop
"This updated edition of The IDA Pro Book is well-organized, smoothly written, and nicely illustrated." —Books, Books & More (New) Books
"The book provides many great examples that are easy to follow along with and complete yourself." —Small Town Geeks

Author Information

Chris Eagle is a Senior Lecturer of Computer Science at the Naval Postgraduate School in Monterey, CA. He is the author of many IDA plug-ins and co-author of Gray Hat Hacking, and he has spoken at numerous security conferences, including Black Hat, Defcon, ToorCon, and ShmooCon.

Countries Available: All regions