This chapter covered IDA Pro: its features, and how to use it to perform static code analysis (disassembly). In this chapter, we also looked at some of the concepts related to the Windows API. Combining the knowledge that you gained from the previous chapter, and utilizing the features offered by IDA, can greatly enhance your reverse engineering and malware analysis capabilities. Even though disassembly allows us to understand what a program does, most variables are not hardcoded and get populated only when a program is executing. In the next chapter, you will learn how to execute malware in a controlled manner with the help of a debugger, and you will also learn how to explore various aspects of a binary while it is executing ...