#JustReleased: Happy to announce that #IDAFreeware has been upgraded to the latest IDA version 7.6 and features a cloud-based decompiler! Try it out and let us know what you think 👉
#ESETresearch discovered a trojanized IDA Pro installer, distributed by the #Lazarus APT group. Attackers bundled the original IDA Pro 7.5 software developed by @HexRaysSA with two malicious components. @cherepanov74 1/5
IDA Pro for arm64 is coming! We have ported all of IDA to run natively on Apple Silicon, and it will be available in IDA 7.6. Initial analysis shows that the hype is real 🤩:
#AppleSilicon
#M1
#macmini
#BigSur
We know that Rust is gaining more popularity, and we will enhance our support. We’ve reached the first milestone–string literals recovery 🎉 It is a valuable addition that can benefit many of you right away. Give it a try 🌐
#idapro
#decompiler
#idaplugin
The wait is over! IDA 8.2 is now released, and it comprises some awesome improvements. Check all the changes and features 🌐
#IDAPro
#HexRays
#NewRelease
Our congratulations to the winners of Hex-Rays Plugin Contest 2021!🎉🎁🎆
🥇 Tenet by @gaasedelen
🥈 D-810 by Boris Batteux, eShard
🥉 nmips by @galli_leo_
With many excellent entries selecting just three was a real challenge. Take a look yourself:
Our new decompiler plugin is now available! gooMBA is here to help when you’re struggling with a “mixed boolean arithmetic”-obfuscated binary. Read more 🌐
#HexRays
#HexRaysDecompiler
#IDAPro
🚀The much-awaited IDA 7.6 is now available, with killer Apple Silicon support! Check out all the details about its latest features and enhancements:
#IDAPro
#release
#IDA76
Exciting news! We’ve just released IDA 8.3 with changes to speed up and improve your analysis. Check out the details and get started 🌐
#IDAPro
#HexRays
#NewRelease
A comprehensive use of IDA disassembler and debugger in "Malware Analysis and Detection Engineering". That's the best combination for RE looking further into malware analysis! Kudos to @AnoopSaldanha and @pedramamini for the 900+ page beast!📚Check it out:
Still waiting for the release of macOS11 Big Sur? Its internals can be already reverse-engineered thanks to IDA 7.5 Service Pack 3. Check out our updated XNU Debugging tutorial with macOS11 kernel debugging:
#IDAPro
#macOSBigSur
#osx
#VMware
Introducing the IDAClang tutorial. This is a deep dive into IDA's new clang-based source code parser. Also introducing a new command-line utility that can generate type libraries from C++. We provide examples for STL, Boost, MFC, IDA SDK, Qt, XNU, and more
In a couple of days, we'll be releasing IDA 9.0! We're excited to introduce our supercharged FLIRT Manager plus thousands of new signatures, available as separate downloads 🤩 Learn more 🌐
#idapro
🥁 We have the winners of the Hex-Rays Plugin Contest 2022! Our congratulations go to:
🥇 ttddbg by @simsor and @citronneur
🥈 ida_kcpp by Uriel Malin and Ievgen Solodovnykov
🥉 FindFunc by Felix B.
Take a look at the full list:
#PluginContest
#IDA
🤩 We’ve got some big news to share 🤩 IDA 8.4 is now released 🚀Get ready for an improved, polished, and much more convenient version! Read the details and get it now 🌐
#IDAPro
#HexRays
#NewRelease
🗞 We have some great news today! IDA 8.1 is officially released and has some cool features, such as the Private Lumina server! Learn more about the latest features and enhancements 🌐
#IDAPro
#HexRays
#NewRelease
#PrivateLuminaServer
Are you ready? We're revealing some of the exciting new features in IDA 9.0, launching on September 30th! 🚀 First up: C++ Exceptions Support in the Decompiler. Learn why this feature is a game-changer 🌐
#idapro
#decompiler
The wait is almost over! IDA 9.0 ships on September 30th, and we’re revealing another exciting feature - the new RISC-V decompiler and Enhanced Disassembler Extensions! 🤩 Read more 🌐
#idapro
#decompiler
#riscv
IDA Free has been upgraded to the latest IDA version 7.7SP1!
This light but powerful tool can quickly analyze the binary code samples and allow users to take a closer look at the results.
Try it out for free
#IDAFreeware
#Binaryanalysis
#HexRays
We’ve just published another great Plugin Focus article! Can Bölük (@_can1357) introduces his NtRays plugin for automated simplification of Windows Kernel decompilation. Read more 🌐
#IDAPro
#IDAPython
#IDAPlugin
#NtRays
Attention, educational institutions 🎓 Elevate your academic curriculum with #IDAEducational. Get a free license boosted with x86 and x64 decompilers 🌐
#HexRays
#IDA
#IDAEdu
IDA Educational is completely free to universities and other academic institutions! Some news and improvements are coming up. More information is available at
#HexRays
#IDA
#IDAEdu
We are happy to share that #IDAEducational has been updated! Say goodbye to file size limits and embrace a world of boundless learning! Dive into larger projects and expand your educational journey like never before 🌐
#HexRays
#IDA
Another great Plugin Focus blog post is out! Marc-Étienne Léveillé introduces the IPyIDA plugin. Learn how this IDA add-on makes prototyping and Python plugin and script development friendlier 🌐
#PluginFocus
#IDAPro
#IDAPython
#IDAPlugin
Another great #PluginFocus blog post is out! The guys from the Airbus CERT Team are introducing the #ComIDA plugin, a tool focused on finding usage of COM objects inside Windows modules. Read more 🌐
#IDAPro
#IDAPython
#IDAPlugin
Or put this code in hexrays.cfg if you need it all the time:
---
PSEUDOCODE_SYNCED=YES
PSEUDOCODE_DOCKPOS=DP_RIGHT
---
Plus, you'll have your pseudocode and disassembly listing side-by-side, instead of separate tabs!
We’ve got some cool stuff today! A #PluginFocus article by Baptiste Verstraeten from the @thalium_team. He introduces #Symless - a nifty tool aiming to simplify the process of retrieving & defining structures, classes, and virtual tables 🌐
#IDAPython
Corellium's product is real, on top of their reliable service and very helpful support team! Note that #IDAPro has supported iOS kernel debugging via @CorelliumHQ since IDA 7.3:
"Corellium, a security research firm sued by Apple, has won a major legal victory against the iPhone maker. A federal judge in Florida threw out Apple’s claims that Corellium violated copyright law with its software, which helps security researchers find bugs and security holes."
#TGIFwithIgor: We are excited to present our special blog series ‘Igor’s tip of the week’, where @IgorSkochinsky, one of our experts behind #IDA, shares his tips and functionalities that are not always known. Enjoy his 1st blog about the keyboard shortcuts:
Recently our decompiler started renaming some automatically created variables. How does this feature work and can it be used manually?
Bonus content: a small primer on analyzing a Windows driver.
#IgorsTipOfTheWeek
#IDAtips
#IDAPro
#HexraysDecompiler
Thank you Jiří! Bochs is a very powerful emulator and can be easily used from IDA to debug low-level code like bootloaders and OS kernels but also to emulate simple PE binaries, often enough to unpack them for further analysis:
#IDAPro
#debugging
#malware
As I can't see anymore people spending time reversing literally 20 lines of code #WhisperGate MBR wiper😀I'll take advantage of it to convince you to do it in way to learn something hopefully interesting.🙏
IDA+BochsEmu+cfg+image:
Take a break and read our new #PluginFocus article! Martin Perier and Louis Jacotot from @Synacktiv introduce Frinet – a combination of a Frida-based tracer that supports iOS, Android, Linux, Windows with an enhanced version of the Tenet trace explorer 🌐
(almost) everything about using debug symbols in IDA:
Bonus content: how to load a Linux kernel into IDA with all symbols.
#IgorsTipOfTheWeek
#IDAtips
#IDAPro
We’ve got some good news for you this Monday! IDA 8.4 SP2 has just been released and is available for download on our website 🌐
#idapro
#sp1
#newrelease
We are thrilled to announce that over 500 reversers took part in our #ctf, and just a bit over 150 managed to free Madame de Maintenon and send her back to us. A huge THANKS to all of you! The winners are mentioned in the thread below 👇 Congratulations 🎉
#idapro
#hexrays
#DYK: How to create a set of strings by using the 'Array...' dialog?
1️⃣Create one string
2️⃣Open the dialog, set the range
3️⃣Uncheck 'Create as array'
✅And here you go! (works for any string format: ASCII, ISO-8859-1, UTF-16, UTF-32,..)
💡More #IDA tips:
Variable-sized structures are not very common, but when they do appear, it may not be obvious how to handle them in IDA. Check out some hints in the new tip of the week!
#IgorsTipOfTheWeek
#IDAtips
#IDAPro
Tired of browsing for the same script(s) over and over with "File > Script file..."? Simply try "Recent scripts" window (Alt+F9), and double-click to run them!
#IDAPro
#IDAtips
You can now compare hex-rays to other decompilers, thanks to @dogboltorg. Check their online tool that lets you make a side-by-side comparison of decompilers on small executables 🌐
It was an incredible #OffensiveCon23. Whatever we say, it wouldn't be enough—big thanks to the organizers and all of you who stopped by our table.
#hexrays
#ida
#idapro
#ICYMI: Universities and other academic institutions can take advantage of free #IDAEducational licenses! Equip your students with the best binary analysis tool and provide them with an invaluable learning experience. Apply today 🌐
#HexRays
#IDA
Take the time to read our new #PluginFocus article. In this blog post, Arnaud Gatignol (@_anyfun) and Julien Staszewski (@_0perator) from the @thalium_team introduce ida kmdf, a tool that helps with your KMDF driver analysis. Read more 🌐
#idapro
It is great to announce the #release of Service Pack 2 for #IDA 7.5 today! SP2 fixes some immediate issues with the new macOS11/iOS14 binaries and focuses principally on enhancing the static analysis for new file formats. Learn more:
#HexRays
#IDAPro
Latest updates 🗞️ We’ve just published IDA 8.4 Service Pack 1 (SP1). As you would expect, it includes bug fixes and some useful improvements 🛠️ Get it now from our website 🌐
#idapro
#sp1
#newrelease
We’re happy to announce our new blog series called “Plugin Focus” where authors of some of the most useful plugins will introduce them and provide some valuable insights. We start with HRDevHelper 🌐
#PluginFocus
#IDAPro
#IDAPython
#IDAPlugin
🎇 We are kicking off 2024, geared up for a year full of innovation and cool new features! Big thanks to our incredible community for the energy and continuous support! 🫶 Happy New Year to all! 🎊
#hexrays
#idapro
#HappyNewYear
🎃 Halloween challenge! Find the hidden instruction in this image, and then continue solving the puzzle on our website 🕷
🎁 The quickest 5 will win an exclusive t-shirt!
#IDA
#hexrays
#halloweenchallenge
For a reverse engineer, the ability to directly call a function from the analyzed binary can be a shortcut that bypasses a lot of grief. In this article, we explore and compare 3 ways of invoking functions: IDA Appcall, Dumpulator, and Unicorn Engine.
Attention, IDA fans! Next week we are launching an #IDATrivia. Each day we will ask two IDA-related questions and give one of you a prize for answering both questions correctly. The first round of the trivia starts on Monday.
Hint:
#hexrays
#idapro
Available since #IDAPro 5.6, Appcall feature comes in handy in various scenarios and can be used from IDAPython or IDC. See how it works and more uses:
I like light-weight emulation approach for string decryption. A challenge is dealing with library functions.
Another option is IDAPython AppCall. It is handy and useful approach for handling complicated string encryption such as #ShadowPad
We are glad to announce the release of IDA 7.5 Service Pack 1! Enjoy this service pack with many improvements for the newly released features in IDA Pro 7.5 and IDA Home. Discover the complete change list here:
#ReverseEngineering
#ida
#hexrays
New update to our IDA plugin!
Now, code blocks get colors matching the classification by our IDA Pro plugin to speed up the reversing process:
🔴red for malicious
🟣purple for unique / unknown
🟠orange for admin-tool / common application
🟢green for trusted
🔵blue for common
Igor’s tip of the week is a great way to improve your IDA knowledge. We’ve organized all these tips in online documents that are free and accessible to everyone 👇
HexRays
#IgorsTipOfTheWeek
#IDAtips
Another example of an interesting but uncomplicated code obfuscation. Various while-cycles based on two dword values are used as garbage code, which do not change the control flow in any way (Figure 1).
Interested in doing reverse engineering fast & efficiently but don’t know the method? This might help you: the Online Reverse Engineering Video Courses by @nicolasbrulez! Check it out and receive our special offer for the course registrants: