IDA Free  Hex-Rays Decompilers由大眼仔旭（www.dayanzai.me）发布。Hex-Rays 是一家专注于二进制软件分析的高科技公司，成立于 2005 年，总部位于比利时列日市（Liège），致力于研发强劲的二进制分析工具，为 IT 安全市场提供最佳产品和极其出色的服务。Hex-Rays 的旗舰产品 IDA 是全球最智能、功能最完善的交互式反汇编程序，许多软件安全专家和黑客都对这款软件如雷贯耳。IDA PRO 简称 IDA（Interactive Disassembler），是一个世界顶级的交互式反汇编工具，有两种可用版本。标准版(Standard)支持二十多种处理器。高级版(Advanced)支持50多种处理器。

交互式反汇编器 IDA Pro

随着逆向工程技术的热潮，软件逆向工程也在不断发展。 逆向分析技术是软件逆向工程中的重要方法和技术，在某些领域甚至是关键和唯一的问题解决途径。逆向分析技术是指通过分析机器码或汇编码来理解代码功能，如各接口的数据结构等，然后用高级语言重新描述该代码，逆向推出源程序的思路。

二进制程序逆向分析作为程序转换的主要手段发挥着积极的作用。程序转换被广泛用于对程序的理解和代码的编译，用来检测和维护代码、检测并定位bugs、学习算法、用户干预、增加功能等。程序转换的目标之一就是在尽可能大的语言范围内，以一种规范的方式对程序进行重用。

IDA 完全使用 C++ 编写而成，适用于三大主流操作系统：Microsoft Windows、Mac OS X 和 Linux。IDA 的主要目标之一，在于呈现尽可能接近源代码的代码，而且通过派生的变量和函数名称来尽其所能地注释生成的反汇编代码，货真价实。其内核算法的高速和可扩展性，使 Hex-Rays 不仅能够在众所周知的 C/C++ 反编译问题中取得突破性的进展，还为二进制分析领域的未来发展奠定了坚实的基础。

IDA Pro 许可证类型

IDA 提供三种许可证：

Named License（指定许可证）：供一名特定的最终用户使用，而且可以在这名特定最终用户所使用的多台计算机上使用。Named License 适用于小型企业和个人用户。
Computer License（计算机许可证）：供一台特定的计算机使用，而且可供使用这台计算机的多名最终用户使用，只要无论何时，只有一名用户处于活动状态即可。这种许可证适用于企业，因为它不与个人绑定，允许简便地再分配许可证。
Floating License（浮动/网络许可证）：可以在（一家企业）无限数量的计算机上安装，不过只允许同时运行有限数量的副本。

IDA 软件提供两个版本

IDA Starter：支持 20 多种处理器，包括流行的 x86 和 ARM 处理器。IDA Starter 不支持 64 位文件。
IDA Professional：支持 50 多种处理器，而且支持 64 位文件（包括 Intel x86-64 代码）。

这两个版本都适用于 Windows、Linux 和 Mac OS X。

注意：以下功能仅在 Windows 版本中提供：

WinDbg 和 Symbian 调试器

通过 ActiveSync 进行的 WinCE 调试

Hex-Rays 为希望了解 IDA 基本功能的用户提供了一个功能有限的特别版本，但是，该特别版本并不是工最新版本的功能。该特别版本为 IDA 的简化版，除特别版本外，Hex-Rays 还提供当前版本的功能有限的演示版。

官方主页

What’s new in IDA 8.0.220829
August 30, 2022
Procesor modules:
68K: support switches which use cmpa for the range check
ARM: improve handling of manual setting of ARM/Thumb mode via the T pseudo-register
AVR: added config for ATmega640
PC: improve function recognition
Debuggers:
PIN: support PIN 3.22-98547
File formats:
COFF: support ARM64 and ARMv7 object files compiled with /bigobj option
DWARF: upgrade libdwarf to version 20220625 (aka 0.4.1)
MACHO: improve symbolication of branch mappings in iOS16+ dyldcaches
MACHO: support for iOS16 dyld caches
MACHO: when loading a dyld shared cache, make “single module” option the default choice
FLIRT / TILS / IDS:
FLIRT: GO: increased coverage of golang signatures
FLIRT: MFC: added signatures for vc1431 (Visual Studio 16.11.10)
FLIRT: VC: added signatures for vc1431 32bit(Visual Studio 16.11.10)
idaclang: added “–idaclang-parse-static” option to the cmdline tool
idaclang: introduced the “–idaclang-extra-c-mangling” option for building type libs for mixed-language inputs (e.g. C++, C, and Objective-C)
idaclang: try to pre-set a default target configuration that corresponds to the currently loaded file
Standard plugins:
DSCU: support loading (and symbolicating) global offset tables from iOS16
dyldcaches
golang: support for go1.18 (function names, types)
OBJC: improved decompilation of functions that use objc_alloc_init() to initialize Objective-C objects
OBJC: improved decompilation of Objective-C binaries by creating artificial imports for to methods not present in the idb
patfind: new plugin to discover code patterns in otherwise unmarked binaries
Scripting & SDK:
IDAPython: removed Python 2 support
SDK: added a new method qstring::rtrim() to trim whitespaces
SDK: added get_stdact_descs() for choosers for customizing the standard actions (Insert, Delete, Edit, Refresh)
SDK: added wildcard_path_match(), that can match entire paths against a pattern following the same rules as a shell (e.g. ** and ranges like [a-z])
SDK: improved comment for has_external_refs()
SDK: support usage of qstring in hashed STL containers
UI:
UI: the command-line arguments in the Debugger>Process options… dialog are no longer limited to 1024 characters
Decompilers:
Added option HO_PROP_VOLATILE_LDX to propagate load instructions without checking for volatile memory access
Added support for outlined functions
arm: recognize thunk functions with suffixes _from_thumb, _from_arm, _veneer
Improve handling of scattered return values (=using mutiple registers/stack locations)
New decompiler: HEXARC (for the ARC processor family)
Pc: control register maniplation intrinsics (e.g __writecr0) work with 32-bit values in 32-bit mode
Support WCHAR, wchar16_t, wchar32_t as character element types
Bugfixes:
BUFGIX: IDC: definitions of SN_CHECK/SN_NOCHECK (flags for set_name()) were wrong
BUGFIX: ARM: fixed an endless loop which could occur when analyzing code switching between ARM/Thumb modes
BUGFIX: ARM: IDA could display a “bad instruction decoding” warning when trying to decode an undefined instruction
BUGFIX: ARM: some undefined A64 instructions were wrongly decoded as FCMEQ
BUGFIX: ARM: arm64 function arguments with wrong attributes could crash ida
BUGFIX: automatically created string literal names would have repeating symbols in place of embedded zeroes in the string
BUGFIX: dbg: IDA could produce an internal error when undo was used during debugging
BUGFIX: decompiler: do not crash if nullptr is passed to various save_.. functions
BUGFIX: decompiler: do not optimize away successive volatile memory reads
BUGFIX: decompiler: fix sometimes wrong decompilation when loading values from memory in big-endian mode
BUGFIX: decompiler: fixed multiple interrs
BUGFIX: decompiler: modifies_d() was incorrectly returning true for instructions without the ‘d’ operand
BUGFIX: DWARF: during source-level debugging, location of some items wouldn’t be properly resolved
BUGFIX: DWARF: The plugin could INTERR because of how duplicate types were handled
BUGFIX: golang: IDA could hang when parisng metadata in some Go binaries
BUGFIX: IDA could crash when loading PE files if IDS debugging was enabled (-z40 switch)
BUGFIX: IDA could fail to load bytes from modules in iOS 15 dyldcaches for older iphones (iphone X and earlier)
BUGFIX: IDA could fail to load symbols for some modules in iOS 15 dyldcaches
BUGFIX: idaclang could create invalid types after parsing a “using” declaration that has the same name as an existing type
BUGFIX: idaclang could fail to parse c++ type declarations that use the “auto” keyword
BUGFIX: idaclang would fail to parse function prototypes that have an unspecified number of arguments
BUGFIX: IDAPython: fixed multiple crashes and infinite loops when wrong arguments are passed to IDA APIs
BUGFIX: IDAPython: IDA could crash if ‘has_insn_feature’ was called with improper data
BUGFIX: IDAPython: internal errors in IDA API wrappers which are called bypassing IDA UI (e.g. from alternative IDAPython shells) are now caught and reported properly
BUGFIX: IDAPython: when trying to create a too big segment, produce a warning instead of fatal error
BUGFIX: IDC: calling get_tev_reg() with wrong data could produce “No error” message instead of showing the correct error
BUGFIX: installer: PIN debugger plugin was not shipped with Mac builds of IDA by mistake
BUGFIX: kernel: compact_numbered_types() was mishandling aliased types
BUGFIX: kernel: fixed an endless loop which could occur during application of startup signatures
BUGFIX: kernel: fixed interr 641 that could occur when parsing a bad function prototype
BUGFIX: kernel: get_strlit_contents() could loop very long time even when maxcps was set to a reasonable value
BUGFIX: kernel: IDA could produce “database corrupted” when undoing some operations
BUGFIX: MACHO: some ARM64e binaries could have wrong pointer values, leading to wrong parsing of Objective-C metadata
BUGFIX: MIPS: bltzal and bgezal were not handled as call instructions
BUGFIX: OBJC: “Run until message received” action could fail on macOS 12
BUGFIX: PC: some 64-bit functions would lose offsets when Lumina metadata was applied
BUGFIX: PC: ud1 instruction was decoded incorrectly (the mod r/m byte was not parsed)
BUGFIX: PDB: fixed interr 984 which could occur when loading PDBs with types from recent Windows builds
BUGFIX: PDB: the PDB file download could be cancelled unexpectedly when using symsrv.dll from WinDbg Preview
BUGFIX: PPC: functions using ‘ba’ for tail calls to noret functions were not marked as noret
BUGFIX: SDK: get_name_ea() would return non-BADADDR results for structure or enum names
BUGFIX: svdimport: plugin could crash when processing certain SVD files
BUGFIX: tilib: fixed interr 157 that could occur when listing til contents in the presence of type aliases
BUGFIX: UI: database snapshots were added to the recent files list and could fill it completely
BUGFIX: UI: IDA could produce internal errror 40225 after some user manipulations with the function graphs
BUGFIX: UI: IDA would not display shortcuts for actions in context menus on macOS
BUGFIX: UI: strings containing rn could be printed as empty in the Output window and the log file
BUGFIX: UI: TOOL_CLOSED_BY_ESC in idagui.cfg did not work
BUGFIX: windbg: IDA could crash if a breakpoint it added became invalid (e.g. by user’s actions bypassing IDA’s UI)

https://hex-rays.com/products/ida/news/8_0/