Software: IDA
Need: Binary reverse-engineering
Other programs I’ve tried: Ghidra, OllyDbg, Hopper
IDA is fast and well-featured. I’ve had multiple times where my process of having questions about a binary to figuring out the answer took minutes.
Hopper has a nicer UI, but works on fewer executables and does not analyze the binary as well.
IDA gets criticized for “having an interface designed by programmers,” but Ghidra is much worse in that regard. “A giant Java program written by the government” describes it well. Ghidra supposedly has a collaboration mode, but I gave up trying to get it to work after much effort.
OllyDbg is not really comparable, being primarily a binary debugger. But IDA’s built-in debugger is quite underrated. And their support is very good. I was among the first to use it for Android-hacking on Android 5.0, and found their Android debugger would not run with the new OS restrictions; they gave me a new version that would within a few days.
Have you tried radare2? If you have, how does it stack against IDA?
I’ve definitely looked at it, but don’t recall trying it. My first questions from looking at the screenshots are about its annotation capabilities (e.g.: naming functions, identifying structs) and its UI (IDA highlighting every use of a register when you mouse over it is stupendously useful).
Just out of curiosity: what kinds of binaries do you need to reverse-engineer on a regular basis?
Bryan Caplan has been creating his “economics graphic novels” using an old “comic creator” software. He has a valid license, but the company that makes it went out decades ago, and the license server no longer exists. So I disabled the license-server check for him.
When I worked in mobile, I did it frequently. Customer would call us and say our SDK isn’t working. I’d download their app off the app store, decompile it, and figure out exactly how they’re using us.
It’s also surprisingly frequent how often I want to step through a library or program that I’m using. If you link to that library as a binary, then (even if the source is available elsewhere) it’s often easiest to debug it using a reverse-engineering tool.
Less everyday, but I’ve also done some larger projects involving REing. I started off in game modding 10 years ago. Last year, I did some election security work that achieved some publicity. https://www.nytimes.com/2020/02/13/us/politics/voting-smartphone-app.html