IDAPro

Shameless plug

This course is given to you for free by The Perkins Cybersecurity Educational Fund: https://perkinsfund.org/ in collaboration with the Malcore team: https://m4lc.io/courses/register

Please consider donating to The Perkins Cybersecurity Educational Fund and registering for Malcore. You can also join the Malcore Discord server here: https://m4lc.io/courses/discord

Malcore offers free threat intel in our Discord via their custom designed Discord bot. Join the Discord to discuss this course in further detail or to ask questions.

You can also support The Perkins Cybersecurity Educational Fund by buying them a coffee

Index

Keys

Image
Description

Shift key

Alt key

Control key

Escape key

Enter key

Navigation

Action
Shortcut

Jump to operand

Jump in new window

+

Jump to previous position

Jump to Next position

+

Jump to address

G

Jump by name

+L

Jump to function

+P

Jump to segment

+S

Jump to segment register

+G

Jump to problem

+Q

Jump to cross reference

+X

Jump to xref to operand

X

Jump to entry point

+E

Mark Position

+M

Search

Action
Shortcut

Next code

+C

Next data

+D

Next explored

+A

Next unexplored

+U

Immediate value

+I

Next immediate value

+I

Text

+T

Next text

+T

Sequence of bytes

+B

Next sequence of bytes

+B

Not function

+U

Graphing

Action
Shortcut

Flow chart

F12

Function calls

+F12

Comments

Action
Shortcut

Enter comment

+;

Enter repeatable comment

;

Enter anterior lines

Ins

Enter posterior lines

+Ins

Insert predefined comment

+F1

Data Format Options

Action
Shortcut

ASCII strings style

+A

Setup data types

+D

Open Subviews

Action
Shortcut

Names

+F4

Functions

+F3

Strings

+F12

Segments

+F7

Segment registers

+F8

Signatures

+F5

Type libraries

+F11

Structures

+F9

Enumerations

+F10

File Operations

Action
Shortcut

Parse C header file

+F9

Create ASM file

+F10

Save database

+W

Debugger

Action
Shortcut

Start process

F9

Terminate process

+F2

Step into

F7

Step over

F8

Run until return

+F7

Run to cursor

F4

Breakpoints

Action
Shortcut

Breakpoint list

++B

Watches

Action
Shortcut

Delete watch

Del

Tracing

Action
Shortcut

Stack trace

++S

Miscellaneous

Action
Shortcut

Calculator

+/

Cycle through open views

+Tab

Select tab

+ [1…N]

Close current view

+F4

Exit

+X

IDC Command

+F2

Edit (Data Types – etc)

Action
Shortcut

Copy

+Ins

Begin selection

+L

Manual instruction

+F2

Code

C

Data

D

Struct variable

+Q

ASCII string

A

Array

Num *

Undefine

U

Rename

N

Operand Type

Action
Shortcut

Offset (data segment)

O

Offset (current segment)

+O

Offset by (any segment)

+R

Offset (user-defined)

+R

Offset (struct)

T

Number (default)

+3

Hexadecimal

Q

Decimal

H

Binary

B

Character

R

Segment

S

Enum member

M

Stack variable

K

Change sign

+-

Bitwise negate

+`

Manual

+F1

Segments

Action
Shortcut

Edit segment

+S

Change segment register value

+G

Structs

Action
Shortcut

Struct var

+Q

Force zero offset field

+Z

Select union member

+Y

Functions

Action
Shortcut

Create function

P

Edit function

+P

Set function end

E

Stack variables

+K

Change stack pointer

+K

Rename register

V

Set function type

Y

PreviousRadare2NextEvasion Tactics

Last updated