Although IDA has been created first and foremost to analyze binaries in “black box” mode, i.e. without any symbols or debug information, it does have the ability to consume such information when available. The debugger functionality was also initially optimized to debug binaries on the assembly level, but nowadays can work with source code too. Source-level […]
Hints (aka tooltips) are popup windows with text which appear when you hover the mouse cursor over a particular item in IDA. They are available in many situations.
IDA Pro for ARM64 is coming! We have ported all of IDA to run natively on Apple Silicon and it will be available in IDA 7.6. Initial analysis shows that the hype is real. IDA is consistently performing much faster on M1 Macs: And a visual representation, for your viewing delight: https://www.hex-rays.com/wp-content/uploads/2020/12/split.mp4 We have also ported the mac […]
Along with the release of Service Pack 3 for IDA 7.5, we have updated our XNU Debugging Tutorial with a new section about macOS 11 kernel debugging. It has some analysis and debugging tips for the new kernelcache format in macOS 11 Big Sur. We hope you will find it useful! Downloads XNU Debugging Tutorial […]
We have updated our iOS Debugging Tutorial. It has some new sections that should be of particular interest: “Debugging the DYLD Shared Cache” discusses how to combine IDA’s incremental dyldcache loading functionality with the iOS Debugger. “Debugging System Applications” is a concrete example of how to use IDA to debug an iOS system daemon on a jailbroken […]
We posted an addendum to the release notes for IDA 7.2: The Mac Rundown. It dives much deeper into the Mac-specific features introduced in 7.2, and should be great reference material for users interested in reversing the latest Apple binaries. It’s packed full of hints, tricks, and workarounds. We hope you will find it quite useful! […]
One of the new features of IDA 6.6 is the Dalvik debugger, which allows us to debug Dalvik binaries on the bytecode level. Let us see how it can help when analysing Dalvik files.

Encoded strings

Let us consider the package with the encrypted strings:

STRINGS:0001F143 unk_1F143:.byte 0x30 # 0 # DATA XREF: STR_IDS:off_70
STRINGS:0001F144 aFda8sohchnidgh: .string "FDA8sOhCHNidghM2hzFxMXUsivl2k7hFOhkJrW7O2ml8qLVM",0
STRINGS:0001F144 […]