Challenge

Digital forensic investigations occur when malicious software compromises a system. In the event of a software-based attack, companies usually dispatch specialized Computer Emergency Response Teams (CERTs) to eliminate the threat, assess the extent of the damage, and understand how the attack was implemented to prevent similar incidents in the future.

Such teams collect digital evidence from various devices and even distributed systems and thus work with a wide variety of binary code formats and often obfuscated code.

Approach

IDA Pro can analyze binary code collected during a forensic investigation. It can handle virtually any code that runs on modern processors, even heavily obfuscated ones.

IDA has been relentlessly battle-tested in the field against real-world malware, and possible feature extensions via custom scripts and plugins have made it the tool of choice for many CERT organizations.

U.S. government CERT agencies, like CISA and FBI, used IDA Pro for Chinese Trojan analysis

Read Analysis Report about Chinese Remote Access Trojan: TAIDOOR

Novetta relied on IDA decompiler while investigating cyber attacks against Sony

Read Report about Operation Blockbuster

Check Point Research used IDA to uncover a malware campaign aroused during Russia/Ukraine war

Read about Twisted Panda

Products

IDA Home
IDA Pro
IDA Free
IDA Classroom
IDA Pro OEM
Private Lumina Add-on
Teams Add-on
Training courses

Case studies

Malware Analysis & Digital Forensics
Vulnerability research & penetration testing
Dynamic Analysis & Debugging
Automotive Security
Interoperability
Software Assessments

Classroom

IDA Classroom Free
Classroom discount for IDA Pro

Resources

Documentation
Forum
Blog
Community plugins

Pricing

For organizations
For individuals
For education providers
Our reseller partners

Company

About us
Careers
Privacy policy
Terms of use
Contact us

Connect with the community on

X Mastodon LinkedIn YouTube

© 2024 Copyright Hex-Rays