An integrated disassembler/debugger combination such as IDA should be a pretty powerful tool for manipulating binaries and seamlessly applying static and dynamic techniques as part of the reverse engineering process. This turns out to be true if you understand the capabilities and limitations of each tool individually and in combination.

In this chapter, we will discuss some important points concerning the manner in which the static side of IDA interacts with its dynamic side. In order to enlighten this discussion we will take a look at techniques that can be employed with IDA’s debugger in order to defeat ...