0

I have used Cheat Engine to the point where I now understand how I can access memory in the program, how to view the assembly code, find pointers, use the debugger, etc. I have not used IDA, Ghidra, x64dbg (or any others I don't know about) and was wondering what difference there is between them. Thank you

DevFish
  • 11
  • 6
  • Ghidra, IDA and x64dbg are reverse engineering tools and has nothing to do with cheat engines – phuclv Apr 19 '23 at 23:53
  • I mean I would disagree that they have nothing to do with Cheat Engine, it's just a different tool. Cheat Engine allows you to do memory scanning, disassembly, and debugging so you are able to reverse engineer games and other programs with it. @phuclv – DevFish Apr 20 '23 at 00:55
  • 1
    IDA and Ghidra a primarily static analysis tools (just load the binaries offline without executing them) which can also be used as debugger to perform dynamic analysis of apps and binaries. – Robert Apr 23 '23 at 12:26

1 Answers1

0

They are all different tools with different use cases. Ghidra and ida fall under static analysis tool. These tools operate without the program running, they just extract the bytes from the file and try to make sense of that. They incorporate many tools under one roof to make your life easier. String search, pe readers, ... most interesting is they both offer a de-compiler which tries to make C code from the assembly.

A debugger is a tool that works on the file while its running, it attaches itself to the process and reads the memory, instructions, allows you to set breakpoints and much more. Plus side of it is that you can see the data as its moving thru the program.

Cheat engine is kinda a swiss army knife, it does allot of things at the same time but it cant do static analysis. Ida pro and Ghidra also incorporate a debugger to look at the program while running, but most of the focus is on static analysis.

You should try them out and get familiar with them if you wane get into reverse engineering. There is not one tool that does everything perfect. Many tools are needed and can work together to get you a clear picture of how a program operates.

Neko
  • 18
  • 5