IDA Pro Enhances Hostile Code Analysis Support

Hi,

IDA Pro is really amazing, new IDA ( 5.4 ) will have an innovative support for Hostile Code Analysis, that consists on a Bochs Emulated Debug Environment.

“The next version of IDA will be released with a bochs debugger plugin, and what is nice about is that you will be able to use it easily by just downloading bochs executables and telling IDA where to find it.”

“Finally comes the pe loader, which is a specialized bochs loader, that will read your PE file and create a virtual environment similar to windows environment, trying to mimic basic demands for a PE file (import resolution, SEH, api emulation backed by IDC scripts).”

What to say? is a really great enhancement for Malware Analysis 😉

Here you can watch the first video on Bochs Debugging http://hex-rays.com/video/bochs_video_1.html

Regards,

Giuseppe ‘Evilcry’ Bonfa’ 🙂

This entry was posted on Saturday, October 4th, 2008 at 9:40 am and is filed under Reverse Code Engineering, TechLife. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to IDA Pro Enhances Hostile Code Analysis Support

  1. b0ne says:
    October 4, 2008 at 2:19 pm

    Ida 5.3 is already out… presumably it will be Ida 5.4, but we’ll see…

    Reply
  2. evilcodecave says:
    October 5, 2008 at 6:19 am

    True it’s IDA 5.4, thanks! 😉

    Reply

Leave a comment