IDA Pro
IDA Pro combines an interactive, programmable, multi-processordisassembler coupled to a local and remote debugger and augmented by a complete plugin programming environment.

Award-winning frameworks
● As a disassembler, IDA Pro explores binary programs, for which source code isn't always available, to create maps of their execution. The real interest of a disassembler is that it shows the instructions that are actually executed by the processor in a symbolic representation called assembly language.
● If the friendly screen saver you have just installed is spying on your e-banking session or logging your e-mails, a disassembler can reveal it.
● However, assembly language is hard to make sense of. That's why advanced techniques have been implemented into IDA Pro to make that code more readable, in some cases, quite close to the original source code that produced the binary program.
● The map of the program's code then can be postprocessed for further investigation. Some people have used it as the root of a genomic classification of viruses.

Tooling
● But, in real life, things aren't always simple. Hostile code usually does not cooperate with the analyst. Viruses, worms and trojans are often armored and obfuscated. More powerful tools are required.
● The debugger in IDA Pro complements the static analysis capabilities of the disassembler: by allowing an analyst to single step through the code being investigated, the debugger often bypasses the obfuscation and helps obtain data that the more powerful static disassembler will be able to process in depth.
● IDA Pro can be used as a local and as a remote debugger on various platforms, including the ubiquitous 80x86 (typically Windows/Linux) and the ARM platform (typically Windows CE PDAs) and other platforms. Remote debuggers are very useful when one wants to safely dissect potentially harmful programs.
● Some IDA debuggers can run the application in a virtual environment: this makes malware analysis even safer.

Hex-Rays Decompiler
We are pleased to present our flagship product, the Hex-Rays Decompiler, which brings binary software analysis within reach of millions of programmers. It converts executable programs into a human readable C-like pseudocode text.

In comparison to low level assembly language, high level language representation in Hex-Rays has several advantages:
   ● concise: requires less time to read it
   ● structured: program logic is more obvious
   ● dynamic: variable names and types can be changed on the fly
   ● familiar: no need to learn the assembly language
   ● cool: the most advanced decompiler ever built!

The pseudocode text is generated on the fly. Our technology is fast enough to analyze 99% of functions within a couple of seconds.

Currently the decompiler supports compiler generated code for the x86, x64, and ARM processors. We plan to port it to other platforms and add a programmatic API. This will allow our customers to implement their own analysis methods. Vulnerability search, software validation, coverage analysis are the directions that immediately come to mind.

The decompiler runs on MS Windows, Linux, and Mac OS X. The GUI and text IDA versions are supported. In the text mode, only batch operation is available.