Since the number of debugger modules in IDA surpassed the magical number seven plus or minus two, we created a small table describing what is available and what is not: http://www.hex-rays.com/idapro/debugger/index.htm Direct links to tutorials are available here: http://www.hex-rays.com/idapro/idasupport.htm I know, I know – we need to add 64-bit support for all platforms, port the Bochs […]
When IDA introduced debugging facilities years ago, the task of analyzing hostile code became more enriched: no more looking at static code and figuring out what it does, instead just run the malware in a virtual machine and debug it remotely, even debug just a small code […]
I’m happy to inform you that we are entering the beta stage of IDA v5.4! In addition to numerous small and not that small improvements, the new version will have three debugger modules: bochs, gdb, and windbg, selectable on the fly (the active debugger session will be closed, though ;)) With the bochs debugger, we offer […]
If you analyze MIPS binaries, you may find the following addition to IDA useful: http://www.binary-art.net/?p=1002 This is a MIPS emulator for Linux. It can generate an IDC script after emulation, which can then be applied to the database to make it more readable.
The Bochs debugger plugin is in alpha stage now; all 3 of the loaders mentioned in the previous blog entry are now complete.
Last week Elias ran a sample malware in the Bochs emulator and I was curious to see what exactly it does. So I took the unpacked version of the malware and fed it into the decompiler. It turned out to be a pretty short downloader (different AV vendors give it different names: Lighty […]
The next version of IDA will be released with a bochs debugger plugin, and what is nice about it is that you will be able to use it easily by just downloading bochs executables and telling IDA where to find them.
The idea to use BITS to download files from the internet is not new. If you check the corresponding page from Wikipedia, you will find that Background Intelligent Transfer Service (BITS) is a component of modern Microsoft Windows operating systems that facilitates prioritized, throttled, and asynchronous transfer of files between machines using idle network bandwidth. The […]
This is not the first book about IDA Pro. However, this is the first book I recommend to anyone using IDA Pro because of the following points: Comprehensive: it describes all major IDA features by starting at the beginning and going all the way to the end. Experienced users may be tempted to skip the first few chapters; […]
I’m happy to tell you that Mr. Elias Bachaalany has joined our development team! He is one of the keenest and most knowledgeable IDA users. Elias bought his first copy of IDA long ago while he was a student. Immediately after that he contacted us with tons of questions, suggestions, ideas on how to improve things, etc. While […]