Standard edition (the Advanced edition is currently $795 and includes support
for a larger number of processor architectures), but it’s definitely worth it if
you’re going to be doing a significant amount of reversing on large programs.
At the time of writing, DataRescue was offering a free time-limited trial ver-
sion of IDA. If you’re serious about reversing, I’d highly recommend that you
give IDA a try—it is one of the best tools available. Figure 4.2 shows a typical
IDA Pro screen.
Feature wise, here’s the ground rule: Any feature you can think of that is pos-
sible to implement is probably already implemented in IDA. IDA is a remark-
ably flexible product, providing highly detailed disassembly, along with a
plethora of side features that assist you with your reversing tasks.
IDA is capable of producing powerful flowcharts for a given function. These
are essentially logical graphs that show chunks of disassembled code and pro-
vide a visual representation of how each conditional jump in the code affects
the function’s flow. Each box represents a code snippet or a stage in the func-
tion’s flow. The boxes are connected by arrows that show the flow of the code
based on whether the conditional jump is satisfied or not. Figure 4.3 shows an
IDA-generated function flowchart.
Figure 4.2 A typical IDA Pro screen, showing code disassembly, a function list, and a string
list.
Reversing Tools 113