APPENDIX F. CHEATSHEETS APPENDIX F. CHEATSHEETS

Appendix F

Cheatsheets

F.1 IDA

Hot-keys cheatsheet:

key meaning

Space switch listing and graph view

C convert to code

D convert to data

A convert to string

* convert to array

U undefine

O make offset of operand

H make decimal number

R make char

B make binary number

Q make hexadecimal number

N rename identificator

? calculator

G jump to address

: add comment

Ctrl-X show references to the current function, label, variable (incl. in local stack)

X show references to the function, label, variable,etc.

Alt-I search for constant

Ctrl-I search for the next occurrence of constant

Alt-B search for byte sequence

Ctrl-B search for the next occurrence of byte sequence

Alt-T search for text (including instructions, etc)

Ctrl-T search for the next occurrence of text

Alt-P edit current function

Enter jump to function, variable, etc

Esc get back

Num - fold function or selected area

Num + unhide function or area

Function/area folding may be useful for hiding function parts when you realize what they do. this is used in my script^1 for

hiding some often used patterns of inline code.

F.2 OllyDbg

Hot-keys cheatsheet:

hot-key meaning

F7 trace into

F8 step over

F9 run

Ctrl-F2 restart

(^1) GitHub