Suppose I've a project that uses the dll so I can trace into the internals of the dll in the "Disassembly Window" of visual studio,then what's the advantage of IDA in this case?Is there?
The emphasis in IDA Pro (Interactive DisAssembler) is on interactive. Think of it as an IDE for disassembly work.
- You can disassemble files without having to debug them
- It automatically identifies code and data; however, you can always override its decision manually.
- It groups instruction streams into functions and converts stack accesses into symbolic names for local variables and arguments.
- It can show code flow as a graph
- It tracks data and cross references, e.g. which functions access a specific data address, or which functions call the current one.
- It automatically identifies library functions of common compilers even in absence of debug information
- You can easily navigate in the whole binary, rename any location to a descriptive name and add comments
- You can create structures and enumerations and use them to make the disassembly more descriptive, replacing numeric values and offsets by names. Many Win32 API structures are predefined.
- You can automate common tasks using built-in C-like scripting language IDC or Python.
- Common API functions' arguments are commented and renamed.
- With an optional decompiler plugin you can decompile 32-bit x86 or ARM code.
- If scripting is not enough, you can write plugins in C++.
- It has many debugger modules: native Win32, WinDbg engine, GDB (for x86/ARM/MIPS/PPC), Bochs emulator and more. Remote debugging is available too.
In short, if you disassemble files regularly, this tool is indispensable. If you want to try it out, get the demo or freeware version here.
Disclaimer: I work for Hex-Rays.
Menu
263
