| | |  | Certification Central | Home » » The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler | | | | | | | Description: | | No source code? No problem. With IDA Pro, you live in a source code-optional world. IDA can automatically analyze the millions of opcodes that make up an executable and present you with a disassembly. But at that point, your work is just beginning. With The IDA Pro Book, you'll learn how to turn that mountain of mnemonics into something you can actually use. Hailed by the creator of IDA Pro as the "long-awaited" and "information-packed" guide to IDA, The IDA Pro Book covers everything from the very first steps to advanced automation techniques. While other disassemblers slow your analysis with inflexibility, IDA invites you to customize its output for improved readability and usefulness. You'll save time and effort as you learn to: - Identify known library routines, so you can focus your analysis on other areas of the code
- Extend IDA to support new processors and filetypes, making disassembly possible for new or obscure architectures
- Explore popular plug-ins that make writing IDA scripts easier, allow collaborative reverse engineering, and much more
- Utilize IDA's built-in debugger to tackle obfuscated code that would defeat a stand-alone disassembler
You'll still need serious assembly skills to tackle the toughest executables, but IDA makes things a lot easier. Whether you're analyzing the software on a black box or conducting hard-core vulnerability research, a mastery of IDA Pro is crucial to your success. Take your skills to the next level with The IDA Pro Book.
| | | Product Details: | | | Author:
| Chris Eagle | | Paperback:
| 640 pages | | Publisher:
| No Starch Press | | Publication Date:
| August 19, 2008 | | Language:
| English | | ISBN:
| 1593271786 | | Product Length:
| 8.88 inches | | Product Width:
| 7.12 inches | | Product Height:
| 1.63 inches | | Product Weight:
| 2.62 pounds | | Package Length:
| 9.2 inches | | Package Width:
| 7.0 inches | | Package Height:
| 1.5 inches | | Package Weight:
| 2.7 pounds | | Average Customer Rating:
|  based on 18 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
 ( 18 customer reviews )
Write an online review and share your thoughts with other customers.
Most Helpful Customer Reviews
26 of 26 found the following review helpful:
The IDA Pro Book ReviewAug 26, 2008
By E. Hulse
Second Edition Review:
If you are considering any other book about IDA Pro Don't bother, as The IDA Pro Book Second Edition is the only book on IDA Pro that you will need.
The overall structure of the Second Edition is unchanged, which is not a bad thing. The structure Chris Eagle uses allows for inexperienced users to get spun up on the basics of IDA Pro while allowing experienced users to jump into more advanced topics.
The author has an excellent method of elaborating concepts. A Novice user can easily follow the examples and build knowledge as they dive deeper into the book. Experienced users should not be put off by this, the first half of the book may be aimed at the Novice, but the second half is packed with much deeper information on more advanced topics.
If you've read the first edition and take a look at the table of contents for the second edition you may be deceived into thinking very little has changed. In fact, you'd be wrong as the second edition offers much more coverage of IDA Python. The second edition also brings users up to speed on the latest editions to IDA Pro to include Scriptable Plugins, Loader Modules and Scriptable Processor Modules. The Second Edition has an increased number of examples using IDA Python, whereas the examples from the first editions were largely only in C using IDC /SDK.
The Likes & Dislikes of the book remain the same as my review for the first edition. Although, after considering my only dislike I must admit that my suggestion is somewhat beyond the scope of the book.
Bottom line on the Second Edition: If you are new to IDA Pro you NEED this book. If you are experienced with IDA Pro I still suggest picking it up!
First Edition Review:
I was able to pick up a pre-released copy of The IDA Pro book at Defcon in the vendor area, thanks to Adam from No Starch. This book is not an introduction to reverse engineering, its a hard core manual for IDA Pro. IDA Pro is a critical weapon in any reverser's arsenal, so proficiency in this tool is paramount to your success in reverse engineering. If you are new to IDA Pro you need this book, even if you've been working with IDA for a while you will more than likely learn quite a few things after reading it. Unlike the two other books I've read on IDA Pro this book has no fluff or filler, its solid information! The funny thing when comparing it to the other two IDA books is its thicker than both combined, and contains an exponentially larger amount of information.
The author takes time to explain things in a very clear manner as you walk through from an introduction to the tool to more advanced usage such as customizing, extending IDA, debugging, and dealing with obfuscated code. The author answered questions I had been spent weeks asking and searching the Internet for.
Likes:
Just about everything. The author walks you through plenty of code and discusses scenarios where you could apply the information he is giving you. The fact that he took his time to elaborate on why, and when you might use a piece of information is unlike many authors whom will give you information and leave the reader wondering "What would I use that for".
This book does not just talk about Win32 and Portable Executable format, ELF binaries have a continual guest appearance throughout the book, and firmware/binaries are mentioned in numerous chapters.
Side bar elaboration is kept to a minimum, I often find in texts that an author will go on about background information that does not add anything significant to what I am reading. Chris Eagle keeps this to a minimum adding small side bars when necessary but only take up a small amount of real estate.
Dislikes
My only dislike of this book was the use of PE format as the example in chapter 18 - Binary Files and Ida Loader modules. Despite the use of a well known format chosen for this example the concepts were clearly displayed. I think it would have made it more interesting if the author had used a lesser known format, or do as the author of "Reversing, Secrets of Reverse Engineers" did and create his own binary.
8 of 8 found the following review helpful:
A good book for advanced users and an excellent book for beginners.Oct 03, 2008
By Albert Sweigart
IDA Pro is a tool that I always tentatively held at arms length. The magnitude of its complexity and lack of accessible documentation (in the form of vague web tutorials, advanced technical docs that were over my head, and half-remembered bits of advice) kept me from fully embracing this useful tool. Chris Eagle's book is the book I wish I had years ago.
The IDA Pro Book is the first book you should read if you are interested in IDA Pro, or disassembly and reverse engineering in general. It is also a book that intermediate and expert IDA Pro users can learn something new from as well.
The book focuses on IDA Pro, while delving into other related topics (assembly, binary formats, variations between compilers, etc.) to give the reader a general understanding but not so much as to be distracting. There is little fluff material, but plenty of concise, practical examples and scenarios.
As much as I enjoyed The Shellcoder's Handbook and Reversing: Secrets of Reverse Engineering, I would say reading The IDA Pro Book first would be an excellent primer.
3 of 3 found the following review helpful:
An awesome IDA Pro referenceJan 06, 2009
By Rajat Swarup
"raju321"
This is a really good book. Definitively a complete reference on IDA Pro. Chris Eagle has gone to great lengths to put in the detailed screenshots and examples to illustrate the power of IDA. There are chapters on IDC scripting, reversing obfuscated code, etc. Every small feature of IDA is well documented. This book is a good reference for novice to advanced users. One thing that is missing (may not technically be termed missing because it was released after the book was published) is the bochs emulator support using IDA Plugins. Since it is a plugin, it cannot technically be termed missing but would have been cool to read about in this book...may be in the next edition. This is a definite buy for reverse engineering enthusiasts.
4 of 5 found the following review helpful:
Do you really want to master the art of disassembly? Start here!Mar 28, 2010
By Raul Siles
"www.raulsiles.com"
Honestly, when picking up a book that is focused on a single tool, as in this case, my main concerns are: how linked (and limited) the content is to the tool and its capabilities, if the book can become obsolete soon with new versions of the tool, and what else the material offers to the specific field out of the tool.
In this case, it is fair to say that IDA Pro ([...]) is the most popular disassembly tool (and debugger now) in the market during the last decade, so covering it is like going deeper into the field of malware analysis, software reverse engineer and vulnerability research. Beginners can start playing with the evaluation version, while professionals have been using the Pro version for a long time.
Apart from that, the moment I realize Chris Eagle was the book author, it added some excitement to the mix. I know Chris when we released the Scan of the Month 32 challenge on the Honeynet Project ([...]), back in 2004. The challenge was focused on analyzing a home-made malware binary, called RaDa, and Chris was the winner ([...]); he even developed an IDA Pro script to unpack the binary and solve it.
Therefore, the book title does not make any justice to its contents :), as this is not only The IDA PRO Book or the unofficial guide, but the modern software disassembly (static binary analysis) masterpiece and The IDA Pro Bible.
The first two chapters are a must for anyone starting in the world of reversing and disassembly. Something I really liked about the introductory chapters is how the author establishes the relationships between the different functionality available in IDA, and other (more traditional) single tools offering similar capabilities.
Then, the book goes in depth into IDA, getting started, covering the interactive interface and navigation capabilities, including the well-known and the most hidden features, explaining how to manage data types, structures and projects, the beauty of cross-references and graphs, and how to extend and customize IDA for extra advanced analysis (libraries, IDC scripts, plugins, modules, etc). It offers the advance readers the required skills and tools to move their analysis activities to the next level.
Every chapter is preceded by a great introduction explaining what is it about, and when and why this chapter is important for the analyst. Chapters do not simply move over the different menus and capabilities of IDA Pro, but describe them within a context based on the author experience after years of binary analysis, going in depth into the essence and goal of a given feature, the way to use it and the common drawbacks. Chris also uses his experience to highlight what is the most typical finding and tool output in various scenarios and why.
The book ends up with a few chapters that challenge the reader to put in action the skills learned throughout the book into real-world applications. Finally, it covers the new debugging capabilities (dynamic binary analysis) available since IDA version 4.5. For those starting in the field, appendix A points out the differences between the free and the commercial IDA version, and how these may influence your interest on specific book chapters.
The book is highly recommended to both beginners and intermediate/advanced users and professionals, and definitely it is a dense (like the tool it covers) but very easy to read book that becomes a reference in your bookshelves the minute it reaches your hands. Besides that, its contents won't easily become obsolete with new IDA Pro version. It is not a book to read in a couple of nights; this is the kind of "practical" book that I strongly recommend to read with a computer and a running copy of IDA handy, so that you can test all the tips and tricks and practice the topics being discussed.
4 of 5 found the following review helpful:
The IDA Pro Bible, actually (now updated for IDA Pro 6.x)Dec 06, 2008
By Kristian Erik Hermansen
I have a few IDA Pro books at home. Luckily, I can throw out all the rest now thanks to Chris Eagle's wonderful contribution. I also tried quite hard to discover technical errors in this book, but there are very few. This book is solid. Cheers to the author! The 2nd edition updates and improves the content by expanding on new features added in IDA Pro 6.x. Highly recommended!!!
See all 18 customer reviews on Amazon.com
| | |
* Estimated shipping rate for US 48 states. Final rate calculated at checkout. |
