The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler [Paperback]

Chris Eagle (Author)

Book Description

Publication Date: August 19, 2008

No source code? No problem. With IDA Pro, you live in a source code-optional world. IDA can automatically analyze the millions of opcodes that make up an executable and present you with a disassembly. But at that point, your work is just beginning. With The IDA Pro Book, you'll learn how to turn that mountain of mnemonics into something you can actually use.

Hailed by the creator of IDA Pro as the "long-awaited" and "information-packed" guide to IDA, The IDA Pro Book covers everything from the very first steps to advanced automation techniques. While other disassemblers slow your analysis with inflexibility, IDA invites you to customize its output for improved readability and usefulness. You'll save time and effort as you learn to:

• Identify known library routines, so you can focus your analysis on other areas of the code
• Extend IDA to support new processors and filetypes, making disassembly possible for new or obscure architectures
• Explore popular plug-ins that make writing IDA scripts easier, allow collaborative reverse engineering, and much more
• Utilize IDA's built-in debugger to tackle obfuscated code that would defeat a stand-alone disassembler

You'll still need serious assembly skills to tackle the toughest executables, but IDA makes things a lot easier. Whether you're analyzing the software on a black box or conducting hard-core vulnerability research, a mastery of IDA Pro is crucial to your success. Take your skills to the next level with The IDA Pro Book.

Editorial Reviews

About the Author

Chris Eagle is a Senior Lecturer and Associate Chairman of Computer Science at the Naval Postgraduate School in Monterey, CA. He is a co-author of Gray Hat Hacking and has spoken at numerous security conferences, including Blackhat, Defcon, Toorcon, and Shmoocon. Along with his team, the Sk3wl0fR00t, he is a past winner of the Defcon Capture the Flag hacking competition.

Product Details

• Paperback: 640 pages
• Publisher: No Starch Press; 1 edition (August 19, 2008)
• Language: English
• ISBN-10: 1593271786
• ISBN-13: 978-1593271787
• Product Dimensions: 8.9 x 7.1 x 1.6 inches
• Shipping Weight: 2.7 pounds
• Average Customer Review: 5.0 out of 5 stars  See all reviews (17 customer reviews)
• Amazon Best Sellers Rank: #350,453 in Books (See Top 100 in Books)
  • #22 in Books > Computers & Technology > Programming > Languages & Tools > Assembly Language Programming
  • #53 in Books > Computers & Technology > Computer Science > Artificial Intelligence > Machine Learning

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

26 of 26 people found the following review helpful:

5.0 out of 5 stars The IDA Pro Book Review, August 26, 2008

By 

E. Hulse (SA, TX) - See all my reviews
(REAL NAME)   

This review is from: The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler (Paperback)

Second Edition Review:
If you are considering any other book about IDA Pro Don't bother, as The IDA Pro Book Second Edition is the only book on IDA Pro that you will need.

The overall structure of the Second Edition is unchanged, which is not a bad thing. The structure Chris Eagle uses allows for inexperienced users to get spun up on the basics of IDA Pro while allowing experienced users to jump into more advanced topics.

The author has an excellent method of elaborating concepts. A Novice user can easily follow the examples and build knowledge as they dive deeper into the book. Experienced users should not be put off by this, the first half of the book may be aimed at the Novice, but the second half is packed with much deeper information on more advanced topics.

If you've read the first edition and take a look at the table of contents for the second edition you may be deceived into thinking very little has changed. In fact, you'd be wrong as the second edition offers much more coverage of IDA Python. The second edition also brings users up to speed on the latest editions to IDA Pro to include Scriptable Plugins, Loader Modules and Scriptable Processor Modules. The Second Edition has an increased number of examples using IDA Python, whereas the examples from the first editions were largely only in C using IDC /SDK.

The Likes & Dislikes of the book remain the same as my review for the first edition. Although, after considering my only dislike I must admit that my suggestion is somewhat beyond the scope of the book.

Bottom line on the Second Edition: If you are new to IDA Pro you NEED this book. If you are experienced with IDA Pro I still suggest picking it up!


First Edition Review:
I was able to pick up a pre-released copy of The IDA Pro book at Defcon in the vendor area, thanks to Adam from No Starch. This book is not an introduction to reverse engineering, its a hard core manual for IDA Pro. IDA Pro is a critical weapon in any reverser's arsenal, so proficiency in this tool is paramount to your success in reverse engineering. If you are new to IDA Pro you need this book, even if you've been working with IDA for a while you will more than likely learn quite a few things after reading it. Unlike the two other books I've read on IDA Pro this book has no fluff or filler, its solid information! The funny thing when comparing it to the other two IDA books is its thicker than both combined, and contains an exponentially larger amount of information.

The author takes time to explain things in a very clear manner as you walk through from an introduction to the tool to more advanced usage such as customizing, extending IDA, debugging, and dealing with obfuscated code. The author answered questions I had been spent weeks asking and searching the Internet for.


Likes:

Just about everything. The author walks you through plenty of code and discusses scenarios where you could apply the information he is giving you. The fact that he took his time to elaborate on why, and when you might use a piece of information is unlike many authors whom will give you information and leave the reader wondering "What would I use that for".

This book does not just talk about Win32 and Portable Executable format, ELF binaries have a continual guest appearance throughout the book, and firmware/binaries are mentioned in numerous chapters.

Side bar elaboration is kept to a minimum, I often find in texts that an author will go on about background information that does not add anything significant to what I am reading. Chris Eagle keeps this to a minimum adding small side bars when necessary but only take up a small amount of real estate.


Dislikes

My only dislike of this book was the use of PE format as the example in chapter 18 - Binary Files and Ida Loader modules. Despite the use of a well known format chosen for this example the concepts were clearly displayed. I think it would have made it more interesting if the author had used a lesser known format, or do as the author of "Reversing, Secrets of Reverse Engineers" did and create his own binary.

8 of 8 people found the following review helpful:

5.0 out of 5 stars A good book for advanced users and an excellent book for beginners., October 3, 2008

By 

Albert Sweigart - See all my reviews
(REAL NAME)   

This review is from: The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler (Paperback)

IDA Pro is a tool that I always tentatively held at arms length. The magnitude of its complexity and lack of accessible documentation (in the form of vague web tutorials, advanced technical docs that were over my head, and half-remembered bits of advice) kept me from fully embracing this useful tool. Chris Eagle's book is the book I wish I had years ago.

The IDA Pro Book is the first book you should read if you are interested in IDA Pro, or disassembly and reverse engineering in general. It is also a book that intermediate and expert IDA Pro users can learn something new from as well.

The book focuses on IDA Pro, while delving into other related topics (assembly, binary formats, variations between compilers, etc.) to give the reader a general understanding but not so much as to be distracting. There is little fluff material, but plenty of concise, practical examples and scenarios.

As much as I enjoyed The Shellcoder's Handbook and Reversing: Secrets of Reverse Engineering, I would say reading The IDA Pro Book first would be an excellent primer.

3 of 3 people found the following review helpful:

5.0 out of 5 stars An awesome IDA Pro reference, January 6, 2009

By 

Rajat Swarup "raju321" (Los Angeles, CA United States) - See all my reviews
(REAL NAME)   

Amazon Verified Purchase

This review is from: The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler (Paperback)

This is a really good book. Definitively a complete reference on IDA Pro. Chris Eagle has gone to great lengths to put in the detailed screenshots and examples to illustrate the power of IDA. There are chapters on IDC scripting, reversing obfuscated code, etc. Every small feature of IDA is well documented. This book is a good reference for novice to advanced users. One thing that is missing (may not technically be termed missing because it was released after the book was published) is the bochs emulator support using IDA Plugins. Since it is a plugin, it cannot technically be termed missing but would have been cool to read about in this book...may be in the next edition. This is a definite buy for reverse engineering enthusiasts.