IDA Pro Book
The Unofficial Guide to the World's Most Popular Disassembler
by Chris Eagle

August 2008, 640 pp.
ISBN: 978-1-59327-178-7

New edition available now!

"I wholeheartedly recommend The IDA Pro Book to all IDA Pro users."
Ilfak Guilfanov, creator of IDA Pro

"This is the densest, most accurate, and, by far, the best IDA Pro book ever released."
—Pierre Vandevenne, Owner and CEO of DataRescue SA

Download Chapter 12: "Library Recognition Using FLIRT Signatures"

For sample code, the binary files used to generate examples, additional examples, and references, visit The IDA Pro Book's Official Website

No source code? No problem. With IDA Pro, you live in a source code–optional world. IDA can automatically analyze the millions of opcodes that make up an executable and present you with a disassembly. But at that point, your work is just beginning. With The IDA Pro Book, you’ll learn how to turn that mountain of mnemonics into something you can actually use.

Hailed by the creator of IDA Pro as the "long-awaited" and "information-packed" guide to IDA, The IDA Pro Book covers everything from the very first steps to advanced automation techniques. While other disassemblers slow your analysis with inflexibility, IDA invites you to customize its output for improved readability and usefulness. You’ll save time and effort as you learn to:

  • Identify known library routines, so you can focus your analysis on other areas of the code
  • Extend IDA to support new processors and filetypes, making disassembly possible for new or obscure architectures
  • Explore popular plug-ins that make writing IDA scripts easier, allow collaborative reverse engineering, and much more
  • Utilize IDA’s built-in debugger to tackle obfuscated code that would defeat a stand-alone disassembler

You’ll still need serious assembly skills to tackle the toughest executables, but IDA makes things a lot easier. Whether you’re analyzing the software on a black box or conducting hard-core vulnerability research, a mastery of IDA Pro is crucial to your success. Take your skills to the next level with The IDA Pro Book.

About the Author

Chris Eagle is a senior lecturer at the US Naval Postgraduate School in Monterey, California. He is a co-author of Gray Hat Hacking and has spoken at numerous security conferences, including Black Hat, DEFCON, ToorCon, and ShmooCon.

Table of Contents

Foreword by Pierre Vandevenne
Acknowledgments
Introduction

PART I: Introduction to IDA
Chapter 1: Introduction to Disassembly
Chapter 2: Reversing and Disassembly Tools
Chapter 3: IDA Pro Background

PART II: Basic IDA Usage
Chapter 4: Getting Started with IDA
Chapter 5: IDA Data Displays
Chapter 6: Disassembly Navigation
Chapter 7: Disassembly Manipulation
Chapter 8: Datatypes and Data Structures
Chapter 9: Cross-References and Graphing
Chapter 10: The Many Faces of IDA

PART III: Advanced IDA Usage
Chapter 11: Customizing IDA
Chapter 12: Library Recognition Using FLIRT Signatures
Chapter 13: Extending IDA's Knowledge
Chapter 14: Patching Binaries and Other IDA Limitations

PART IV: Extending IDA's Capabilities
Chapter 15: Scripting with IDC
Chapter 16: The IDA Software Development Kit
Chapter 17: The IDA Plug-In Architecture
Chapter 18: Binary Files and IDA Loader Modules
Chapter 19: IDA Processor Modules

PART V: Real-World Application
Chapter 20: Compiler Variations
Chapter 21: Obfuscated Code Analysis
Chapter 22: Vulnerability Analysis
Chapter 23: Real-World IDA Plug-Ins

PART VI: The IDA Debugger
Chapter 24: The IDA Debugger
Chapter 25: Disassembler/Debugger Integration
Chapter 26: Linux, OS X, and Remote Debugging with IDA

A: Using IDA Freeware 4.9
B: IDC/SDK Cross-Reference
C: What's New in IDA 5.3

Index
Updates

View the detailed Table of Contents (PDF)

View the Index (PDF)

(top)

Reviews

"If you are looking for the most thorough and accurate IDA Pro book, you are holding it in your hands. The long awaited book from Chris Eagle is packed with tons of information. Beginners will find it helpful because it covers the basics [and] experienced users will discover new and powerful aspects of IDA Pro. Among other things, you will learn how to deal with obfuscated code, analyze new file formats and processors, [and] write plugins and scripts. I wholeheartedly recommend it to all IDA Pro users."
Ilfak Guilfanov, creator of IDA Pro

"This is the densest, most accurate, and, by far, the best IDA Pro book ever released."
Pierre Vandevenne, Owner and CEO of DataRescue SA

"Chris Eagle delivers a very concise, well laid out book in The IDA Pro Book. The step by step examples, and much needed detail of all aspects of IDA alone make this book a good choice...I honestly think, like IDA, it will be the industry standard on one of the more intimidating applications in the security and reverse engineering world."
Cody Pierce, TippingPoint DVLabs (Read More)

"Chris Eagle is clearly an excellent educator, as he makes the sometimes very dense and technically involved material easy to read and understand and also chooses his examples well."
Dino Dai Zovi, Trail of Bits blog (Read More)

"I highly recommend this book to anyone from the person looking to begin using IDA Pro to the seasoned veteran. There truly is something there for everyone."
Dustin D. Trammell, dtrammell.wordpress.com (Read More)

"Apart from being a great source of information and ideas on how to leverage IDA's power, the writing is also particularly solid, with few or no errors, which is a notable exception to many technical books published nowadays."
Reviews.com (Read More)

"Unlike the two other books I've read on IDA Pro this book has no fluff or filler, its solid information! The funny thing when comparing it to the other...IDA books is it's thicker than both combined, and contains an exponentially larger amount of information."
Eric Hulse, technology blogger (Read More)

"Reverse engineering is not for everyone, but it can be a very valuable skillset to develop. It could be a good fit for you or someone on your team if your company deals with targeted malware that’s meant to steal financial, health, or authentication data. Or if you’re interested in vulnerability research and want a job -- there are definitely lucrative positions in that niche of the security industry. Either way, you should take a look at The IDA Pro Book."
John H. Sawyer, Dark Reading (Read More)

"This book does definitely get a strong buy recommendation from me. It's well written and it covers IDA Pro more comprehensively than any other written document I am aware of (including the actual IDA Pro Manual). Furthermore I'm confident that everybody, even people who used IDA Pro for a decade, will learn something from the book and can use it as a reference in daily work."
the-interweb.com (Read More)

"Whether you need to solve a tough runtime defect or examine your application security from the inside out, IDA Pro is a great tool and this book is THE guide for coming up to speed."
Joe Stagner, misfitgeek.com (Read More)

"Chris Eagle's The IDA Pro Book provides a significantly better understanding not of just IDA Pro itself, but of the entire RE process. There are little gems littered throughout the book that bring in real-life experience and knowledge that you don't always get from other books instructing you in the use of an application."
The Ethical Hacker Network (Read More)

"Should you buy this book? If you already have (some) RE knowledge and plan on using IDA (even if only the free version), the answer is a resounding yes."
—Hype-Free (Read More)

(top)

Updates

(show updates)(top)