## Class Details
IDA Pro is one of the most used disassembler and reverse-engineering tools. While it is now
challenged by other competitors, it is still one of the most fast and accurate, and its Python
is largely underrated. This training aims at demystifying the Python API providing trainees
the keys to help them automate their reversing tasks and subsquently their reversing efficiency.
This course will provide a quick walkthrough in IDA's interface functionalities and then shift
to the counterpart in the Python API. It will cover the most useful static and dynamic API
capabilities through many practical hands-on.
At the end of the training one shall be able to perform any static tasks in a given binary,
from searching particular code construct, to applying automatically types or scripting a
debugging session from end-to-end. The trainee will be autonomously starting to write their plugins
for their own purposes.
## Course Objectives
* Getting keys and tips to solve most reverse issues thanks to scripting
* Speeding-up reverse by automating repetitive (or cumbersome) tasks
* Getting familiar with IDA's plugin ecosystem
* Avoiding some pain and struggles of using the API
## Course Topics
#### IDA Introduction
* IDA walkthrough: views, menus, shortcuts
* IDAPython primer
* Python modules
#### Static Analysis
* Memory layout: code, data, linear scanning, segmentation
* Control Flow Navigation: function, chunks, basic block, instructions
* Cross-references
* Data structures: array, structures, enums, stack frame
* Type management: Type Information Library (TIL), idaclang
#### Dynamic Analysis
* Debugging, breakpoints, groups
* Process, threads handling
* Runtime, reading, patching
* Trace generation
#### Extending IDA
* Loaders
* Processors
* Plugins
* UI integration
This training aims at helping you solve your reverse-engineering tasks!
A dedicated time will be allocated to work on such topics. Participants are
encouraged to come with their use-case (if applicable). This will be the
occasion to directly put into practice what you have just learned.
## Who Should Attend
Reverse engineers, or any security researcher willing to level-up in IDA Pro scripting
and willing to leverage all functionalities provided by IDA to make their life easier
during reversing.
## Prerequisites & System Requirements
* IDA Pro or IDA Home >7.5 (preferably x86-64) with Python 3.X. (no need for decompilers)
* Comfortable with the Python language
* Knowledgeable with QT Python API (PyQt) would be nice (but not mandatory)
Robin David is a French software security researcher focused on reverse engineering and software testing (fuzzing and symbolic execution). He originally holds a PhD from the Atomic Energy Comission (CEA) where he attacked obfuscation using formal methods and symbolic execution. He is now full-time security researcher at Quarkslab where he is leading the automated analysis team.
#### TRAINING SCHEDULE
| | |
|------------------|-------------------|
| FEB 20 Monday | Live Lecture (4h) |
| FEB 21 Tuesday | Live Lecture (4h) |
| FEB 24 Friday | Live Lecture (3h) |
| FEB 25 Saturday | Live Lecture (3h) |
##### 4h Live Lecture Timings
| | |
|---------------|-----------------|
| 9 am - 1 pm | US Pacific Time |
| 12 pm - 4 pm | US Eastern Time |
| 5 pm - 9 pm | UK |
| 6 pm - 10 pm | CET |
##### 3h Live Lecture Timings
| | |
|---------------|-----------------|
| 10 am - 1 pm | US Pacific Time |
| 1 pm - 4 pm | US Eastern Time |
| 6 pm - 9 pm | UK |
| 7 pm - 10 pm | CET |
#### TRAINING SCHEDULE
This training shall be conducted during
**EXACT LECTURE DATES SHALL BE ANNOUNCED SOON.**
Lecture Recordings
Recordings shall be made available
after each lecture, throughout the duration
of the course. ONLY FOR REGISTERED STUDENTS.
