Summary

This course offers a succinct introduction to the fundamental features of IDA Pro. Participants will become familiar with the most commonly used parts of the user interface and learn how to overcome challenges encountered during the reverse engineering process. The course covers navigation and interaction with the disassembly and the decompiler, and explores IDA's powerful type system. It combines lectures with in-program demonstrations, and participants will solve small exercises during the course to deepen their understanding of the covered material.

Prerequisites

Basics of Computer Architecture, Operating Systems and Programming

Course Overview

Session 1: IDA Overview and Navigation

Around 1.5h
  • IDA overview
  • Loading files into IDA
    • File format loader
    • Target processor
    • Auto analyzer
  • Main user interface
    • Main menu
    • Navigation bar
    • Status indicator
    • Analysis indicator
    • Output window
    • Command line interpreter
    • Desktop configuration
    • Command palette
    • View synchronization
  • Disassembly View
    • Text mode
    • Graph mode
    • Proximity mode
    • Navigation
    • Bookmarks
    • Hints
    • Address details window
  • Functions view
  • Pseudocode view
  • Hex view
  • Names view
  • Strings view
  • Imports view
  • Exports view
  • Segments view

Session 2: I in IDA is for Interactive

Around 1.5h
  • Editing data
    • Converting bytes to data
    • Builtin data types
    • Data representation
    • Strings
    • Offsets
    • Arrays
    • Patching
  • Editing code
    • Disassembler options
    • Converting bytes to code
    • Creating functions
    • Editing functions
      • Names
      • Attributes
      • Chunks
      • Stack pointer and stack frame
      • Calling conventions
      • Prototypes
  • Editing pseudocode
    • Renaming
    • Setting and editing builtin data types
    • Mapping and splitting variables
    • Casts
  • Undo / Redo
  • Snapshots
  • Commenting

Session 3: The IDA Type System

Around 1.5h
  • Creating and Editing Types
    • Standard Structures and Enums
    • Creating Structures
    • Editing Structures
    • Unions
    • Creating Enums
    • Editing Enums
    • Type libraries
    • Importing/exporting types
  • Applying Types
    • Applying types to data
    • Applying types to code
    • Applying types to pseudocode

Session 4: Various Useful IDA Tricks

Around 1.5h
  • IDA file system hierarchy
  • Using plugins
  • Decompiler tricks
    • Decompile as call
    • Skippable instructions
    • Intrinsics
    • Force decompilation
  • Working with more than one analysis target
  • Function recognition
  • Function identification
    • Signatures
    • Lumina
  • Architecture-specific tricks
  • String pools
  • Memory segments
  • Searching
    • Byte patterns
    • Wildcards
    • Regular expressions
