What is IDA all about?
IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger that offers so many features it is hard to describe them all. Just grab an evaluation version if you want a test drive.
An executive summary is provided for the non-technical user.
The IDA Disassembler and Debugger is an interactive, programmable, extendible, multi-processor disassembler hosted on Windows, Linux, or Mac OS X. IDA has become the de-facto standard for the analysis of hostile code, vulnerability research and COTS validation. See this executive overview for a summary of its features and uses.
Nothing beats the Human brain...
Because we know that one second of insight still beats hundred years of processing time, the IDA Disassembler offers as much interactivity as is possible. Virtually anything in the disassembly can be modified, manipulated, rearranged or redefined.
Static Disassembly is limited...
Mere static disassembly does not tell the whole story. Encrypted or obfuscated code is frequently present in today's hostile code; exact distinction between code and data is an art rather than a science. The IDA Disassembler's interactivity is complemented by aninternal scripting language, a Windows application/kernel debugger , a Linux application debugger, a 80x86 Mac OS X application debugger (both 32 and 64 bits are supported) and much much more...
Innovation must be cherished...
As an additional incentive to create new plugins for our products, we hold an annual plugin contest. The creators of useful public plugins can win a cash prize. We also publish the names on our Hall of Fame pages.
Time is the essence...
Gone are the days when an assembly language wizard would glance at a few op-codes and grasp the purpose of a program. Today's viruses and worms are often written in high level language. Thanks to our unique FLIRT technology and our advanced stack tracking capabilities, IDA Disassembler works as close as is possible to the original source code .
You know better...
We are the disassembler and debugger specialists but you are the ones producing the real work. You know what you need better than we do. That is why the IDA SDK allows you to extend and tailor IDA to your specific needs. Visit the IDA Palace for a few examples of what has been publicly released.
Security is of high priority for us...
We want our users to be safe while using our tools. This is why in addition to in-house testing, code reviews, and secure coding practices we introduced a bug bountyprogram. Reporters of critical bugs in our software can win a cash bounty. This way vulnerabilities in our software are reported directly to us. Naturally, we react immediately and issue a hot fix as soon as possible.
- disassembler modules for a large number of processors. Our free SDK even allows you to roll your own custom disassembler.
- full interactivity and extendability
- as close as possible to the high level source code
- flirt technology (fast library identification and recognition technology).
- type system and parameter tracking and identification
- code graphing
- the debugger adds dynamic analysis to the information gathered statically by the disassembler.
- offers all the features expected from a debugger and more: remote debugger, tracing.
- remote debugger: target either Windows, Linux, Mac OS X, and other machines in any combination.
- See ARM Windows CE Debugger
- Many other targets...