What is included with this book?
Dedication | |
Acknowledgments | |
Introduction | |
Introduction to IDA | |
Introduction to Disassembly | |
Disassembly Theory | |
The What of Disassembly | |
The Why of Disassembly | |
The How of Disassembly | |
Summary | |
Reversing and Disassembly Tools | |
Classification Tools | |
Summary Tools | |
Deep Inspection Tools | |
Summary | |
IDA Pro Background | |
Hex-Rays' Stance on Piracy | |
Obtaining IDA Pro | |
IDA Support Resources | |
Your IDA Installation | |
Thoughts on IDA's User Interface | |
Summary; Basic IDA Usage | |
Getting Started with IDA | |
Launching IDA | |
IDA Database Files | |
Introduction to the IDA Desktop | |
Desktop Behavior During Initial Analysis | |
IDA Desktop Tips and Tricks | |
Reporting Bugs | |
Summary | |
IDA Data Displays | |
The Principal IDA Displays | |
Secondary IDA Displays | |
Tertiary IDA Displays | |
Summary | |
Disassembly Navigation | |
Basic IDA Navigation | |
Stack Frames | |
Searching the Database | |
Summary | |
Disassembly Manipulation | |
Names and Naming | |
Commenting in IDA | |
Basic Code Transformations | |
Basic Data Transformations | |
Summary | |
Datatypes and Data Structures | |
Recognizing Data Structure Use | |
Creating IDA Structures | |
Using Structure Templates | |
Importing New Structures | |
Using Standard Structures | |
IDA TIL Files | |
C++ Reversing Primer | |
Summary | |
Cross-References and Graphing | |
Cross-References | |
IDA Graphing | |
Summary | |
The Many Faces of IDA | |
Console Mode IDA | |
Using IDA's Batch Mode | |
Summary; Advanced IDA Usage | |
Customizing IDA | |
Configuration Files | |
Additional IDA Configuration Options | |
Summary | |
Library Recognition Using FLIRT Signatures | |
Fast Library Identification and Recognition Technology | |
Applying FLIRT Signatures | |
Creating FLIRT Signature Files | |
Summary | |
Extending IDA's Knowledge | |
Augmenting Function Information | |
Augmenting Predefined Comments with loadint | |
Summary | |
Patching Binaries and Other IDA Limitations | |
The Infamous Patch Program Menu | |
IDA Output Files and Patch Generation | |
Summary; Extending IDA's Capabilities | |
IDA Scripting | |
Basic Script Execution | |
The IDC Language | |
Associating IDC Scripts with Hotkeys | |
Useful IDC Functions | |
IDC Scripting Examples | |
IDAPython | |
IDAPython Scripting Examples | |
Summary | |
The IDA Software Development Kit | |
SDK Introduction | |
The IDA Application Programming Interface | |
Summary | |
The IDA Plug-in Architecture | |
Writing a Plug-in | |
Building Your Plug-ins | |
Installing Plug-ins | |
Configuring Plug-ins | |
Extending IDC | |
Plug-in User Interface Options | |
Scripted Plug-ins | |
Summary | |
Binary Files and IDA Loader Modules | |
Unknown File Analysis | |
Manually Loading a Windows PE File | |
IDA Loader Modules | |
Writing an IDA Loader Using the SDK | |
Alternative Loader Strategies | |
Writing a Scripted Loader | |
Summary | |
IDA Processor Modules | |
Python Byte Code | |
The Python Interpreter | |
Writing a Processor Module Using the SDK | |
Building Processor Modules | |
Customizing Existing Processors | |
Processor Module Architecture | |
Scripting a Processor Module | |
Summary; Real-World Applications | |
Compiler Personalities | |
Jump Tables and Switch Statements | |
RTTI Implementations | |
Locating main | |
Debug vs. Release Binaries | |
Alternative Calling Conventions | |
Summary | |
Obfuscated Code Analysis | |
Anti–Static Analysis Techniques | |
Anti–Dynamic Analysis Techniques | |
Static De-obfuscation of Binaries Using IDA | |
Virtual Machine-Based Obfuscation | |
Summary | |
Vulnerability Analysis | |
Discovering New Vulnerabilities with IDA | |
After-the-Fact Vulnerability Discovery with IDA | |
IDA and the Exploit-Development Process | |
Analyzing Shellcode | |
Summary | |
Real-World IDA Plug-ins | |
Hex-Rays | |
IDAPython | |
collabREate | |
ida-x86emu | |
Class Informer | |
MyNav | |
IdaPdf | |
Summary; The IDA Debugger | |
The IDA Debugger | |
Launching the Debugger | |
Basic Debuuuuuugger Displays | |
Process Control | |
Automating Debugger Tasks | |
Summary | |
Disassembler/Debugger Integration | |
Background | |
IDA Databases and the IDA Debugger | |
Debugging Obfuscated Code | |
IdaStealth | |
Dealing with Exceptions | |
Summary | |
Additional Debugger Features | |
Remote Debugging with IDA | |
Debugging with Bochs | |
Appcall | |
Summary; Using IDA Freeware 5.0 | |
Restrictions on IDA Freeware | |
Using IDA Freeware; IDC/SDK Cross-Reference; | |
Table of Contents provided by Publisher. All Rights Reserved. |
The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.