The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler / Edition 2

Paperback (Print)
Rent from
(Save 74%)
Est. Return Date: 06/17/2015
Used and New from Other Sellers
Used and New from Other Sellers
from $27.99
Usually ships in 1-2 business days
(Save 59%)
Other sellers (Paperback)
  • All (25) from $27.99   
  • New (16) from $32.80   
  • Used (9) from $27.99   


No source code? No problem. With IDA Pro, the interactive disassembler, you live in a source code-optional world. IDA can automatically analyze the millions of opcodes that make up an executable and present you with a disassembly. But at that point, your work is just beginning. With The IDA Pro Book, you'll learn how to turn that mountain of mnemonics into something you can actually use.

Hailed by the creator of IDA Pro as "profound, comprehensive, and accurate," the second edition of The IDA Pro Book covers everything from the very first steps to advanced automation techniques. You'll find complete coverage of IDA's new Qt-based user interface, as well as increased coverage of the IDA debugger, the Bochs debugger, and IDA scripting (especially using IDAPython). But because humans are still smarter than computers, you'll even learn how to use IDA's latest interactive and scriptable interfaces to your advantage.

Save time and effort as you learn to:

  • Navigate, comment, and modify disassembly
  • Identify known library routines, so you can focus your analysis on other areas of the code
  • Use code graphing to quickly make sense of cross references and function calls
  • Extend IDA to support new processors and filetypes using the SDK
  • Explore popular plug-ins that make writing IDA scripts easier, allow collaborative reverse engineering, and much more
  • Use IDA's built-in debugger to tackle hostile and obfuscated code

Whether you're analyzing malware, conducting vulnerability research, or reverse engineering software, a mastery of IDA is crucial to your success. Take your skills to the next level with this 2nd edition of The IDA Pro Book.

Read More Show Less

Product Details

  • ISBN-13: 9781593272890
  • Publisher: No Starch Press San Francisco, CA
  • Publication date: 7/7/2011
  • Edition description: Second Edition
  • Edition number: 2
  • Pages: 672
  • Sales rank: 369,431
  • Product dimensions: 6.90 (w) x 9.10 (h) x 1.70 (d)

Meet the Author

Chris Eagle is a Senior Lecturer of Computer Science at the Naval Postgraduate School in Monterey, CA. He is the author of many IDA plug-ins, co-author of Gray Hat Hacking, and has spoken at numerous security conferences, including Black Hat, Defcon, ToorCon, and ShmooCon.

Read More Show Less

Table of Contents

Introduction to IDA;
Chapter 1: Introduction to Disassembly;
1.1 Disassembly Theory;
1.2 The What of Disassembly;
1.3 The Why of Disassembly;
1.4 The How of Disassembly;
1.5 Summary;
Chapter 2: Reversing and Disassembly Tools;
2.1 Classification Tools;
2.2 Summary Tools;
2.3 Deep Inspection Tools;
2.4 Summary;
Chapter 3: IDA Pro Background;
3.1 Hex-Rays’ Stance on Piracy;
3.2 Obtaining IDA Pro;
3.3 IDA Support Resources;
3.4 Your IDA Installation;
3.5 Thoughts on IDA’s User Interface;
3.6 Summary;
Basic IDA Usage;
Chapter 4: Getting Started with IDA;
4.1 Launching IDA;
4.2 IDA Database Files;
4.3 Introduction to the IDA Desktop;
4.4 Desktop Behavior During Initial Analysis;
4.5 IDA Desktop Tips and Tricks;
4.6 Reporting Bugs;
4.7 Summary;
Chapter 5: IDA Data Displays;
5.1 The Principal IDA Displays;
5.2 Secondary IDA Displays;
5.3 Tertiary IDA Displays;
5.4 Summary;
Chapter 6: Disassembly Navigation;
6.1 Basic IDA Navigation;
6.2 Stack Frames;
6.3 Searching the Database;
6.4 Summary;
Chapter 7: Disassembly Manipulation;
7.1 Names and Naming;
7.2 Commenting in IDA;
7.3 Basic Code Transformations;
7.4 Basic Data Transformations;
7.5 Summary;
Chapter 8: Datatypes and Data Structures;
8.1 Recognizing Data Structure Use;
8.2 Creating IDA Structures;
8.3 Using Structure Templates;
8.4 Importing New Structures;
8.5 Using Standard Structures;
8.6 IDA TIL Files;
8.7 C++ Reversing Primer;
8.8 Summary;
Chapter 9: Cross-References and Graphing;
9.1 Cross-References;
9.2 IDA Graphing;
9.3 Summary;
Chapter 10: The Many Faces of IDA;
10.1 Console Mode IDA;
10.2 Using IDA’s Batch Mode;
10.3 Summary;
Advanced IDA Usage;
Chapter 11: Customizing IDA;
11.1 Configuration Files;
11.2 Additional IDA Configuration Options;
11.3 Summary;
Chapter 12: Library Recognition Using FLIRT Signatures;
12.1 Fast Library Identification and Recognition Technology;
12.2 Applying FLIRT Signatures;
12.3 Creating FLIRT Signature Files;
12.4 Summary;
Chapter 13: Extending IDA’s Knowledge;
13.1 Augmenting Function Information;
13.2 Augmenting Predefined Comments with loadint;
13.3 Summary;
Chapter 14: Patching Binaries and Other IDA Limitations;
14.1 The Infamous Patch Program Menu;
14.2 IDA Output Files and Patch Generation;
14.3 Summary;
Extending IDA’s Capabilities;
Chapter 15: IDA Scripting;
15.1 Basic Script Execution;
15.2 The IDC Language;
15.3 Associating IDC Scripts with Hotkeys;
15.4 Useful IDC Functions;
15.5 IDC Scripting Examples;
15.6 IDAPython;
15.7 IDAPython Scripting Examples;
15.8 Summary;
Chapter 16: The IDA Software Development Kit;
16.1 SDK Introduction;
16.2 The IDA Application Programming Interface;
16.3 Summary;
Chapter 17: The IDA Plug-in Architecture;
17.1 Writing a Plug-in;
17.2 Building Your Plug-ins;
17.3 Installing Plug-ins;
17.4 Configuring Plug-ins;
17.5 Extending IDC;
17.6 Plug-in User Interface Options;
17.7 Scripted Plug-ins;
17.8 Summary;
Chapter 18: Binary Files and IDA Loader Modules;
18.1 Unknown File Analysis;
18.2 Manually Loading a Windows PE File;
18.3 IDA Loader Modules;
18.4 Writing an IDA Loader Using the SDK;
18.5 Alternative Loader Strategies;
18.6 Writing a Scripted Loader;
18.7 Summary;
Chapter 19: IDA Processor Modules;
19.1 Python Byte Code;
19.2 The Python Interpreter;
19.3 Writing a Processor Module Using the SDK;
19.4 Building Processor Modules;
19.5 Customizing Existing Processors;
19.6 Processor Module Architecture;
19.7 Scripting a Processor Module;
19.8 Summary;
Real-World Applications;
Chapter 20: Compiler Personalities;
20.1 Jump Tables and Switch Statements;
20.2 RTTI Implementations;
20.3 Locating main;
20.4 Debug vs. Release Binaries;
20.5 Alternative Calling Conventions;
20.6 Summary;
Chapter 21: Obfuscated Code Analysis;
21.1 Anti–Static Analysis Techniques;
21.2 Anti–Dynamic Analysis Techniques;
21.3 Static De-obfuscation of Binaries Using IDA;
21.4 Virtual Machine-Based Obfuscation;
21.5 Summary;
Chapter 22: Vulnerability Analysis;
22.1 Discovering New Vulnerabilities with IDA;
22.2 After-the-Fact Vulnerability Discovery with IDA;
22.3 IDA and the Exploit-Development Process;
22.4 Analyzing Shellcode;
22.5 Summary;
Chapter 23: Real-World IDA Plug-ins;
23.1 Hex-Rays;
23.2 IDAPython;
23.3 collabREate;
23.4 ida-x86emu;
23.5 Class Informer;
23.6 MyNav;
23.7 IdaPdf;
23.8 Summary;
The IDA Debugger;
Chapter 24: The IDA Debugger;
24.1 Launching the Debugger;
24.2 Basic Debugger Displays;
24.3 Process Control;
24.4 Automating Debugger Tasks;
24.5 Summary;
Chapter 25: Disassembler/Debugger Integration;
25.1 Background;
25.2 IDA Databases and the IDA Debugger;
25.3 Debugging Obfuscated Code;
25.4 IdaStealth;
25.5 Dealing with Exceptions;
25.6 Summary;
Chapter 26: Additional Debugger Features;
26.1 Remote Debugging with IDA;
26.2 Debugging with Bochs;
26.3 Appcall;
26.4 Summary;
Using IDA Freeware 5.0;
Restrictions on IDA Freeware;
Using IDA Freeware;
IDC/SDK Cross-Reference;

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)