IDAPro
Last updated
Last updated
Shameless plug
This cheatsheet is given to you for free by the Malcore team: https://m4lc.io/cs/idapro/register
Consider registering, and using Malcore, so we can continue to provide free content for the entire community. You can also join our Discord server here: https://m4lc.io/cs/idapro/discord
We offer free threat intel in our Discord via our custom designed Discord bot. Join the Discord to discuss this course in further detail or to ask questions.
You can also support us by buying us a coffee
| Image | Description |
|---|---|
Shift key | |
Alt key | |
Control key | |
Escape key | |
Enter key |
| Action | Shortcut |
|---|---|
Jump to operand | |
Jump in new window | |
Jump to previous position | |
Jump to Next position | |
Jump to address | G |
Jump by name | |
Jump to function | |
Jump to segment | |
Jump to segment register | |
Jump to problem | |
Jump to cross reference | |
Jump to xref to operand | X |
Jump to entry point | |
Mark Position |
| Action | Shortcut |
|---|---|
Next code | |
Next data | |
Next explored | |
Next unexplored | |
Immediate value | |
Next immediate value | |
Text | |
Next text | |
Sequence of bytes | |
Next sequence of bytes | |
Not function |
| Action | Shortcut |
|---|---|
Flow chart | F12 |
Function calls |
| Action | Shortcut |
|---|---|
Enter comment | |
Enter repeatable comment | ; |
Enter anterior lines | Ins |
Enter posterior lines | |
Insert predefined comment |
| Action | Shortcut |
|---|---|
ASCII strings style | |
Setup data types |
| Action | Shortcut |
|---|---|
Names | |
Functions | |
Strings | |
Segments | |
Segment registers | |
Signatures | |
Type libraries | |
Structures | |
Enumerations |
| Action | Shortcut |
|---|---|
Parse C header file | |
Create ASM file | |
Save database |
| Action | Shortcut |
|---|---|
Start process | F9 |
Terminate process | |
Step into | F7 |
Step over | F8 |
Run until return | |
Run to cursor | F4 |
| Action | Shortcut |
|---|---|
Breakpoint list |
| Action | Shortcut |
|---|---|
Delete watch | Del |
| Action | Shortcut |
|---|---|
Stack trace |
| Action | Shortcut |
|---|---|
Calculator | |
Cycle through open views | |
Select tab | |
Close current view | |
Exit | |
IDC Command |
| Action | Shortcut |
|---|---|
Copy | |
Begin selection | |
Manual instruction | |
Code | C |
Data | D |
Struct variable | |
ASCII string | A |
Array | Num * |
Undefine | U |
Rename | N |
| Action | Shortcut |
|---|---|
Offset (data segment) | O |
Offset (current segment) | |
Offset by (any segment) | |
Offset (user-defined) | |
Offset (struct) | T |
Number (default) | |
Hexadecimal | Q |
Decimal | H |
Binary | B |
Character | R |
Segment | S |
Enum member | M |
Stack variable | K |
Change sign | |
Bitwise negate | |
Manual |
| Action | Shortcut |
|---|---|
Edit segment | |
Change segment register value |
| Action | Shortcut |
|---|---|
Struct var | |
Force zero offset field | |
Select union member |
| Action | Shortcut |
|---|---|
Create function | P |
Edit function | |
Set function end | E |
Stack variables | |
Change stack pointer | |
Rename register | V |
Set function type | Y |
+
+
+L
+P
+S
+G
+Q
+X
+E
+M
+C
+D
+A
+U
+I
+I
+T
+T
+B
+B
+U
+F12
+;
+Ins
+F1
+A
+D
+F4
+F3
+F12
+F7
+F8
+F5
+F11
+F9
+F10
+F9
+F10
+W
+F2
+F7
++B
++S
+/
+Tab
+ [1…N]
+F4
+X
+F2
+Ins
+L
+F2
+Q
+O
+R
+R
+3
+-
+`
+F1
+S
+G
+Q
+Z
+Y
+P
+K
+K
