Chapter 13: Advanced Static Analysis with IDA Pro
In this chapter you will be introduced to additional features of IDA Pro that will help
you analyze binary code more efficiently and with greater confidence.
• What makes IDA so good?
• Binary analysis challenges
• Dealing with stripped binaries
• Dealing with statically linked binaries
• Understanding the memory layout of structures and classes
• Basic structure of compiled C++ code
• The IDC scripting language
• Introduction to IDA plug-ins
• Introduction to IDA loader and processor modules
Out of the box, IDA Pro is already one of the most powerful binary analysis tools available.
The range of processors and binary file formats that IDA can process is more than
many users will ever need. Likewise, the disassembly view provides all of the capability
that the majority of users will ever want. Occasionally, however, a binary will be sufficiently
sophisticated or complex that you will need to take advantage of IDA's advanced
features in order to fully comprehend what the binary does.