IDA pro book review
Book Title: The IDA Pro Book, “The Unofficial Guide to the World’s most popular disassembler”
Author: Chris Eagle
Publisher: No Starch Press
Publication Year: 2008
ISBN-10: 1-59327-178-6
Number of Chapters: 26
Number of Pages: 615
Book Price: $69.95
Rate Content: Very good
The IDA Pro Book, “The Unofficial Guide to the World’s most popular disassembler” is probably the best book on disassembling and reverse engineering. Chris Eagle, the author, lives and breathes reverse engineering. The book discusses the techniques for reverse engineering but uses the tool IDA Pro as an example.
IDA Pro is the world’s most popular disassembler and allows users to reverse engineer binary and executable files without access to the source code.
I purchased the tool last year for around 600 dollars US. I have been using Eagle’s book as both an in-depth reference guide and a step-by-step manual. I have mastered most areas in Internet Security but have not quite grasped reverse engineering. Eagle explains very complex computer algorithms in an easy-to-understand way without insulting the reader’s intelligence.
Reverse engineering is a bleeding-edge technology, and the author keeps on updating the book with new advances in the reverse engineering space. The book that I read was the 2008 edition, but there is also a 2011 edition with more up-to-date information.
For the beginner in reverse engineering, the author explains disassembly and reverse engineering in the first few chapters, allowing and even telling more advanced users to skip these chapters.
The IDA Pro Book, “The Unofficial Guide to the World’s most popular disassembler” gives a very good high-level overview of reverse engineering by having a getting started section and lots of excellent high-resolution pictures to help explain the topics.
It is also very helpful that Eagle has actual screenshots from IDA Pro and a website with exercises on it to help the user learn in a more interactive way: http://www.idabook.com/
The website even includes the Conficker virus for users to review actual exploit code. Reverse engineering is important when corporations want to analyze what viruses do and how they work.
I think the real golden nuggets in this book are in Part III, Advanced IDA Usage. This allows users to customize their version of IDA with configuration files.
The book also explains some very technical details on library recognition and FLIRT signatures, extending IDA’s knowledge, patching binaries and other IDA limitations, scripting with IDA, the IDA software development kit, the IDA plug-in architecture, binary files and IDA loader modules, IDA processor modules, compiler variations, obfuscated code analysis, vulnerability analysis, debugging, and other operating systems that you can use IDA Pro on.
I personally purchased IDA Pro for my MacBook Pro. If I didn’t have this book I would be completely lost on how to use IDA Pro effectively. The actual help inside of IDA is sparse, and this bridges the gap and allows the user to go from beginner to expert with a lot of blood, sweat and tears saved.
My only real recommendation before buying this book is to make sure that you are serious about reverse engineering and have invested the 600 dollars into the full version of the tool. That is the only way you will get the full value of the book. IDA offers a free version of the tool, but you will only scratch the surface of reverse engineering if that is the only copy of IDA you have.
In short, this is the Bible of reverse engineering and Eagle is the expert in the domain. If you want the best and have the time to put into it, I recommend you buy IDA and the book.
Matt Parsons, CISSP, MSM mparsons@parsonsiconsulting.com