In the previous chapter, we looked at the disassembly features of IDA Pro. In this chapter, you will learn about IDA's debugging capabilities. The commercial version of IDA can debug both 32-bit and 64-bit applications, whereas the demo version only allows you to debug a 32-bit Windows binary. In this section, you will see some of the debugging features offered by IDA Pro, and you will learn how to use it to debug a malicious binary.
3. Debugging a Binary Using IDA
3.1 Launching a New Process in IDA
There are different ways to launch a new process; one method is to directly launch the debugger, without initially loading the program. To do that, launch IDA (without loading the executable), then select Debugger |...