Jump Start Tutorial: BH16USA-PDF-16x9-PMEHTA-Ablation-Tutorial.pdf
Ablation is a tool for augmenting static analysis by extracting information at runtime, and importing it into IDA.
- Resolve virtual calls. - Maximize code audits by revealing interesting code. - Exclude heavily traversed regions. - Identify untested or undocumented features. - Visually diff samples. - Perform root cause analysis simply by running samples.
My favourite however is the virtual call resolution with fully interactive x-refs. It's simple, elegant, and disassembled C++ reads like C! It helps me time and time again.
Ablation helps you focus on the research.