Latest available version: IDA and decompilers v8.2.230124sp1 see all releases
Hex-Rays logo State-of-the-art binary code analysis tools
email icon

What is this course about?

IDA and the Hex-Rays decompiler are powerful tools usable by engineers with any skill level; the higher the skills, the better the result.

To get the best out of the products, the people behind IDA regularly organize training sessions to allow users to perfect their understanding of the concepts & methodology.

Training comprises theoretical and practical sections, with hands-on exercises given by experts. Different classes are provided to the needs of students, from entry-level to expert classes aimed at maximizing their capabilities!

Who should attend?
Security Engineers, Security Software Developers, Researchers, Forensic Specialists, Virus Analysts, Software Validators, ...

Ready to step up the next level in binary analysis? Scroll down for more information!

Hex-Rays training illustration
Standard
training(5 days)
Next training dates :
  • 18-22 September 2023 (CEST)
  • 04-08 December 2023 (EST)
Price per student: 5999 EUR/USD*

This training will be taken place ONLINE from 9am to 5pm.
This class provides standard knowledge about IDA by demonstrating its use to analyze binary programs on modern operating systems. While the training will be mainly focused on Microsoft Windows programs, the skills taught are universal and usable on other IDA supported platforms.

What will be covered in the course:

  • Feature oriented introduction to the IDA architecture: The training will focus on making the most of the core IDA disassembly features, its debugger and IDC to dissect real world malware.
  • Binary program analysis in IDA: where to begin, how to proceed toward the goal
  • The binary level representation of modern programs and how malware abuses conventions through code obfuscation, code hiding, etc. Special techniques to handle obfuscated code.
  • Problems encountered during analysis and how to handle them.
  • Automating IDA: batch processing, scripts, plugins

Standard Training outline:

  • IDA overview
  • Common executable file features
  • Debugger
  • IDC
  • IDA features
  • Memory organization
  • FLIRT
  • Type system
  • IDS files
  • Working with IDA
  • Creating the database: various information sources
  • Various views of the database
  • Navigation
  • Modifying the listing
  • Patching the program
  • With all this information, how do I start my analysis?
  • Working with high level data
  • Arrays
  • Structures
  • Enumerations and bitfields
  • Advanced operations
  • Offsets
  • Bulk operations
  • Special structure types
  • Function prototypes
  • Processor specific issues
  • Code obfuscation
  • Overview of obfuscation techniques
  • Countermeasures
  • Exercises with several real-world sample files
Book a seat for : September 2023 December 2023

*An Early Bird Discount of 10% is applicable for registrations made 30 calendar days before the beginning of the Standard session. Organizations registering 5 or more staff members are entitled to a Group Rate. An additional discount is available for registrees for both training sessions. For more information about the discounts, please get in touch with sales@hex-rays.com.
Advanced
training(3 days)
Next training dates :
  • 25-27 September 2023 (CEST)
  • 11-13 December 2023 (EST)
Price per student: 3599 EUR/USD*

This training is intended for experienced IDA users who want to take advantage of its open architecture by extending and improving it. Participants will learn how to write modules to modify the listing, react to events, decrypt/uncompressed data right in the database, and many other things. After the course, participants will have solid understanding of its concepts, classes, and programming interface. We will implement several useful plugins. Be prepared to program a lot in this class!

What will be covered in the course:

  • IDA architecture overview
    • Modules
    • Memory representation
    • Database organization
  • SDK Overview
    • Setting up
    • Processor module framework
    • Loader framework
    • Plugin framework
    • How to debug custom modules
  • IDA subsystems
    • Utils: i/o, custom stl, regex, misc
    • Database: netnodes and flags
    • Foundations: bytes, names, offsets, etc
    • Address range class: segments and functions
    • Accessing and using IDC
    • Cross-references
    • Functions
    • Events
    • Type information
    • Structures and enums
    • Debugger
    • User interface
    • Graphing
    • Decompiler framework
  • Plugin programming
    • General guidelines
    • Plugin samples/exercises
      • Colorizer
      • Object extractor
      • Debugger helper
      • Type information
      • Graph plugin
      • Processor extension
      • Reaction to events
Book a seat for : September 2023 December 2023

*An Early Bird Discount of 10% is applicable for registrations made 30 calendar days before the beginning of the Standard session. Organizations registering 5 or more staff members are entitled to a Group Rate. An additional discount is available for registrees for both training sessions. For more information about the discounts, please get in touch with sales@hex-rays.com.
Elias Bachaalany

Your Trainer

Elias is a programmer at heart and a passionate reverse engineer with focus on Windows OS and the x86 architecture. He has been using IDA Pro for at least 22 years. He worked at Hex-Rays where he contributed to the debugger plugins, IDAPython and scripting.

Elias loves writing and teaching. He co-authored 'Practical Reverse Engineering', 'The Antivirus Hacker's Handbook', and authored the Batchography book.

What do you need to attend this training?

1
An IDA license with active support period.
We will provide you with the latest version at the training. The package will include a free time-limited copy of the decompiler.
2
For standard class, good x86 assembly knowledge is required, basic MS Windows API, basic programming skills in any procedural programming languages (C++ is preferred)
3
For the advanced class, a working C++ compiler is necessary (Visual Studio on Windows, g++ on Linux, clang++ on OS X). This class also requires IDA user skills, programming skills in C/C++ languages, and solid reverse engineering experience.

What students think about
the
IDA training course

Very comprehensive and runs through how to use all the main features of IDA - Something for all level of IDA users.

A great way to maximize your use of this tool, even if you are familiar with the very basic functions, there are many non-intuitive but powerful features.

You will learn a lot about IDA and reverse engineering in general from a bird's eye perspective as well as from a low-level perspective.

Gives a very good overview of how to drive IDA programmatically and helps in dramatically simplifying the development environment setup.

Great opportunity to improve your skills.

...