Suppose I have a project that uses the DLL, so I can trace into the internals of the DLL in the "Disassembly Window" of Visual Studio. Then what's the advantage of IDA in this case? Is there one?

+1  A: 

The emphasis in IDA Pro (Interactive DisAssembler) is on interactive. Think of it as an IDE for disassembly work.

  1. You can disassemble files without having to debug them
  2. It automatically identifies code and data; however, you can always override its decision manually.
  3. It groups instruction streams into functions and converts stack accesses into symbolic names for local variables and arguments.
  4. It can show code flow as a graph
  5. It tracks data and cross references, e.g. which functions access a specific data address, or which functions call the current one.
  6. It automatically identifies library functions of common compilers even in the absence of debug information
  7. You can easily navigate in the whole binary, rename any location to a descriptive name and add comments
  8. You can create structures and enumerations and use them to make the disassembly more descriptive, replacing numeric values and offsets by names. Many Win32 API structures are predefined.
  9. You can automate common tasks using the built-in C-like scripting language IDC or Python.
  10. Common API functions' arguments are commented and renamed.
  11. With an optional decompiler plugin you can decompile 32-bit x86 or ARM code.
  12. If scripting is not enough, you can write plugins in C++.
  13. It has many debugger modules: native Win32, WinDbg engine, GDB (for x86/ARM/MIPS/PPC), Bochs emulator and more. Remote debugging is available too.

In short, if you disassemble files regularly, this tool is indispensable. If you want to try it out, get the demo or freeware version here.

Disclaimer: I work for Hex-Rays.

Igor Skochinsky
A: 

It's a great tool, but, to be honest, unless you're using:

  • Hex-Rays (a decompiler plugin for IDA)
  • a specific IDA plugin (say, for unpacking)
  • Flow graphs/interactive features

I see no advantage (for x86 32-bit systems), especially since you have to pay for it, and extra if you want the Hex-Rays plugin. Everything that IDA Pro (x86 32-bit) does can be done using other free tools, along with OllyDbg and some plugins (the only thing one can't get is the decompiler part; most free solutions suck).

The one HUGE advantage I see (for x86 32-bit systems) is the support offered, clearly demonstrated by Igor's post :), which both free tools and sometimes Microsoft tools don't have.

Note: If you haven't noticed, my answer is only for x86 32-bit systems and 32-bit IDA Pro with Hex-Rays (haven't used this in a long time tbh, I'm an OllyDbg fan).

Necrolis