ida

TLDR

Open binary in IDA

$ ida [binary]

Run IDA in text mode

$ ida -T [binary]

Batch mode analysis

$ ida -B [binary]

Run script

$ ida -S[script.py] [binary]

Open 64-bit binary

$ ida64 [binary]

SYNOPSIS

ida [options] [file]
ida64 [options] [file]

IDA (Interactive DisAssembler) is a disassembler and debugger for analyzing binary executables. It's the industry standard for reverse engineering, malware analysis, and vulnerability research.
IDA supports numerous processor architectures and file formats. It provides features like cross-references, function recognition, and an IDAPython scripting interface.

PARAMETERS

file

Binary file to analyze.

-T

Text mode (no GUI).

-B

Batch mode (analyze and exit).

-A

Autonomous mode (auto-answer dialogs).

-Sscript

Run script on startup.

-Llogfile

Log file.

-c

Create new database.

-odatabase

Output database file.

EDITIONS

- IDA Free: Limited free version
- IDA Home: Personal use
- IDA Pro: Full professional version

SCRIPTING

$ # IDAPython example
import idautils
for func in idautils.Functions():
print(hex(func), idc.get_func_name(func))

CAVEATS

Commercial software (free version has limitations). Large binaries require significant RAM. Database files can be large. Learning curve for effective use.

HISTORY

IDA was created by Ilfak Guilfanov and first released in 1991. It's developed by Hex-Rays and has become the de facto standard for binary analysis in security research.

ida