These days its almost impossible to read a book on security or vuln-dev without a gratuitous IDA-Pro screenshot. IDA has proven itself so valuable at reversing that its near impossible to find texts that fail to mention it. (Even ancient texts from fravia and woodman will make reference to it).
Well.. for a long long time people have wondered why ilfak (ida’s main author) didnt get into the point and click vuln finding / point-and-click disassembler business.. For a long time he (and datarescue stayed out of it), till now..
Enter hex-rays:
From its product page:
-snip-
…the Hex-Rays Decompiler, which brings binary software analysis within reach of millions of programmers. It converts executable programs into a human readable C-like pseudocode text.
In comparison to low level assembly language, high level language representation in Hex-Rays has several advantages:
- concise: requires less time to read it
- structured: program logic is more obvious
- dynamic: variable names and types can be changed on the fly
- familiar: no need to learn the assembly language
- cool: the most advanced decompiler ever built!
The pseudocode text is generated on the fly. Our technology is fast enough to analyze 99% of functions within a couple of seconds.
-snip-
The tool sells for around $2000.. but considering what it promises im sure there will be no shortage of willing customers.. I have not played with hex-rays, but have been using IDA for a fair amount of time and its a pretty safe bet that if it comes from ilfak its going to rock.. Check it out.. and if you have taken it for a spin drop me an email.. id love to hear how it went..
/mh