State of the art binary code analysis solution adds Apple Silicon support and improves performance.
Features
The IDA Disassembler and Debugger is an interactive, programmable, extensible, multi-processor disassembler hosted on Microsoft Windows, Linux, or Apple macOS. IDA has become a de-facto standard for the analysis of hostile code, vulnerability research and commercial-off-the-shelf validation.
New Features in IDA Pro v7.6
- Apple Silicon full support: The much-anticipated feature is finally here.
- IDA for macOS is now available as a native ARM64 binary which can make full use of the M1 chip’s incredible performance.
- Golang analysis: improved to properly support its peculiarities. Improvements include:
- Parsing of golang-specific metadata to recover function names and boundaries.
- Support for stack-based parameters and return values even on platfoms that usually use registers (ARM, x64).
- Detection of golang-specific string literals.
- Improvements for Hex-Rays Decompiler:
- Automatic renaming of variables. With this release the decompiler will try to automatically assign names to variables and structure fields based on assignments and function calls.
- Improved recognition of stack arrays. Arrays on stack can be difficult to detect automatically since usually only their first elements are referenced explicitly. Hex-Rays have added heuristics which recover arrays in many typical situations, reducing the need for manual intervention.
- Empty lines for better readability. If you add GENERATE_EMPTY_LINES = YES to hexrays.cfg, the decompiler will add extra empty lines between compound statements and before labels, which improves readability of long functions.
- New processor modules: RISC-V and RL78
- RISC-V is an open ISA which is starting to become available in various hardware such as the latest iteration of the Espressif Systems wireless platform, ESP32-C3.
- RL78 from Renesas is a 16-bit descendant of the 8-bit NEC 78k0(s) family previously supported by IDA and is used in various automotive and consumer applications.
- Bookmarks: Added some new functionality to enrich bookmarks management in the UI.
- Further support for compressed macOS and iOS kernelcache and for Python 3.9.
- Other UI Improvements:
- Processor list in the Load File dialog is now organized using folder view which can be filtered using Ctrl-F.
- You can now use cut&paste in folder views instead of dragging things with the mouse.
- The Strings list is now cached in the database. The Strings window is one of the most commonly used views in IDA for quick reconnaissance. However, depending on the settings it can take a long time to scan the whole database which had to be repeated each time on reopening the window or reloading the database. Now the list is cached so opening it the second time is almost instant.