Igor’s tip of the week #05: Highlight

In IDA, highlight is the dynamic coloring of a word or number under the cursor as well as all matching substrings on the screen. In the default color scheme, a yellow background color is used for the highlight. Highlight is updated when you click on a non-whitespace location in the listing or move the cursor with […]

IDA 7.2 – The Mac Rundown

We posted an addendum to the release notes for IDA 7.2: The Mac Rundown. It dives much deeper into the Mac-specific features introduced in 7.2, and should be great reference material for users interested in reversing the latest Apple binaries. It’s packed full of hints, tricks, and workarounds. We hope you will find it quite useful! […]

IDA Dalvik debugger: tips and tricks

One of the new features of IDA 6.6 is the Dalvik debugger, which allows us to debug Dalvik binaries on the bytecode level. Let us see how it can help when analysing Dalvik files. Encoded strings Let us consider the package with the encrypted strings: STRINGS:0001F143 unk_1F143:.byte 0x30 # 0 # DATA XREF: STR_IDS:off_70 STRINGS:0001F144 aFda8sohchnidgh: .string “FDA8sOhCHNidghM2hzFxMXUsivl2k7hFOhkJrW7O2ml8qLVM”,0 STRINGS:0001F144 […]

Installing PIP packages, and using them from IDA on a 64-bit machine

Recently, one of our customers came to us asking how he should proceed to be able to install python packages, using PIP, and use those from IDA. The issue he was facing is that his system is a 64-bit Ubuntu 12.04 VM. Therefore using the Ubuntu-bundled PIP will just result in installing the desired package (let’s say […]