
IDAPro


Shameless plug

This course is given to you for free by The Perkins Cybersecurity Educational Fund: in collaboration with the Malcore team:

Please consider donating to the Fund and registering for Malcore. You can also join the Malcore Discord server here:

Malcore offers free threat intel in its Discord via its custom-designed Discord bot. Join the Discord to discuss this course in further detail or to ask questions.

You can also support The Perkins Cybersecurity Educational Fund by buying them a coffee.


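Index

  • Keys
  • Navigation
  • Search
  • Graphing
  • Comments
  • Data Format Options
  • Open Subviews
  • File Operations
  • Debugger
  • Breakpoints
  • Watches
  • Tracing
  • Misc
  • Edit
  • Operand Type
  • Segments
  • Structs
  • Functions


Keys

| Image | Description |
| --- | --- |
| [key image] | Shift key |
| [key image] | Alt key |
| [key image] | Control key |
| [key image] | Escape key |
| [key image] | Enter key |


Navigation

| Action | Shortcut |
| --- | --- |
| Jump to operand | [key image] |
| Jump in new window | [key image]+[key image] |
| Jump to previous position | [key image] |
| Jump to next position | [key image]+[key image] |
| Jump to address | G |
| Jump by name | [key image]+L |
| Jump to function | [key image]+P |
| Jump to segment | [key image]+S |
| Jump to segment register | [key image]+G |
| Jump to problem | [key image]+Q |
| Jump to cross reference | [key image]+X |
| Jump to xref to operand | X |
| Jump to entry point | [key image]+E |
| Mark position | [key image]+M |


Search

| Action | Shortcut |
| --- | --- |
| Next code | [key image]+C |
| Next data | [key image]+D |
| Next explored | [key image]+A |
| Next unexplored | [key image]+U |
| Immediate value | [key image]+I |
| Next immediate value | [key image]+I |
| Text | [key image]+T |
| Next text | [key image]+T |
| Sequence of bytes | [key image]+B |
| Next sequence of bytes | [key image]+B |
| Not function | [key image]+U |


Graphing

| Action | Shortcut |
| --- | --- |
| Flow chart | F12 |
| Function calls | [key image]+F12 |


Comments

| Action | Shortcut |
| --- | --- |
| Enter comment | [key image]+; |
| Enter repeatable comment | ; |
| Enter anterior lines | Ins |
| Enter posterior lines | [key image]+Ins |
| Insert predefined comment | [key image]+F1 |


Data Format Options

| Action | Shortcut |
| --- | --- |
| ASCII strings style | [key image]+A |
| Setup data types | [key image]+D |


Open Subviews

| Action | Shortcut |
| --- | --- |
| Names | [key image]+F4 |
| Functions | [key image]+F3 |
| Strings | [key image]+F12 |
| Segments | [key image]+F7 |
| Segment registers | [key image]+F8 |
| Signatures | [key image]+F5 |
| Type libraries | [key image]+F11 |
| Structures | [key image]+F9 |
| Enumerations | [key image]+F10 |


File Operations

| Action | Shortcut |
| --- | --- |
| Parse C header file | [key image]+F9 |
| Create ASM file | [key image]+F10 |
| Save database | [key image]+W |


Debugger

| Action | Shortcut |
| --- | --- |
| Start process | F9 |
| Terminate process | [key image]+F2 |
| Step into | F7 |
| Step over | F8 |
| Run until return | [key image]+F7 |
| Run to cursor | F4 |


Breakpoints

| Action | Shortcut |
| --- | --- |
| Breakpoint list | [key image]+[key image]+B |


Watches

| Action | Shortcut |
| --- | --- |
| Delete watch | Del |


Tracing

| Action | Shortcut |
| --- | --- |
| Stack trace | [key image]+[key image]+S |


Miscellaneous

| Action | Shortcut |
| --- | --- |
| Calculator | [key image]+/ |
| Cycle through open views | [key image]+Tab |
| Select tab | [key image]+ [1…N] |
| Close current view | [key image]+F4 |
| Exit | [key image]+X |
| IDC Command | [key image]+F2 |


Edit (Data Types – etc)

| Action | Shortcut |
| --- | --- |
| Copy | [key image]+Ins |
| Begin selection | [key image]+L |
| Manual instruction | [key image]+F2 |
| Code | C |
| Data | D |
| Struct variable | [key image]+Q |
| ASCII string | A |
| Array | Num * |
| Undefine | U |
| Rename | N |


Operand Type

| Action | Shortcut |
| --- | --- |
| Offset (data segment) | O |
| Offset (current segment) | [key image]+O |
| Offset by (any segment) | [key image]+R |
| Offset (user-defined) | [key image]+R |
| Offset (struct) | T |
| Number (default) | [key image]+3 |
| Hexadecimal | Q |
| Decimal | H |
| Binary | B |
| Character | R |
| Segment | S |
| Enum member | M |
| Stack variable | K |
| Change sign | [key image]+- |
| Bitwise negate | [key image]+` |
| Manual | [key image]+F1 |


Segments

| Action | Shortcut |
| --- | --- |
| Edit segment | [key image]+S |
| Change segment register value | [key image]+G |


Structs

| Action | Shortcut |
| --- | --- |
| Struct var | [key image]+Q |
| Force zero offset field | [key image]+Z |
| Select union member | [key image]+Y |


Functions

| Action | Shortcut |
| --- | --- |
| Create function | P |
| Edit function | [key image]+P |
| Set function end | E |
| Stack variables | [key image]+K |
| Change stack pointer | [key image]+K |
| Rename register | V |
| Set function type | Y |
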
https://perkinsfund.org/
https://m4lc.io/courses/register
The Perkins Cybersecurity Educational
https://m4lc.io/courses/discord