PRACTICAL IDA PRO

Student Pre-requisite

Software Requirement

Legal IDA Pro license (5.5 or higher, 6.0+ recommended). Hexrays helpful, but not required.

Hardware Requirement

Laptop Computer

Course Outline

Practical IDA Pro

  • IDA overview
  • Common executable file features
  • Debugger
  • IDC
  • IDA features
  • Memory organization
  • FLIRT
  • Type system
  • IDS files
  • Working with IDA
  • Creating the database: various information sources
  • Various views of the database
  • Navigation
  • Modifying the listing
  • Patching the program
  • With all this information, how do I start my analysis?
  • Working with high level data
  • Arrays
  • Structures
  • Enumerations and bitfields
  • Advanced operations
  • Offsets
  • Bulk operations
  • Special structure types
  • Function prototypes
  • Processor specific issues
  • Exercises/labs with several real-world sample files
  • Writing plug-in/scripts for IDA
  • Summary

About Instructor

Moti Joseph has been involved in computer security since 2000. He has been working on reverse engineering exploit code and developing security products for CheckPoint and WebSense Secuirty Labs and currenlty for COSEINC and spoken in different conferences including

  • (*) at Blackhat USA Las Vegas 2007
  • (*) at Shanghai Jiao Tong University 2010
  • (*) at SysCan2010 Taiwan, Taipei
  • (*) at CONF2010 Poland, Karkow
  • (*) at CONF2009 Poland, Warsaw
  • (*) at ShakaCon 2009 USA
  • (*) at POC 2009 South Korea and 2010 Seoul