From Collaborative RCE Tool Library
X86 Disassembler Libraries
| Tool name: | BeaEngine |
| ||
|---|---|---|---|---|
| Author: | Beatrix2004 | |||
| Website: | http://www.binary-reverser.org | |||
| Current version: | 2.3 | |||
| Last updated: | June 28, 2007 | |||
| Direct D/L link: | http://binary-reverser.org/tools/BeaEngine/index.php | |||
| License type: | X11 | |||
| Description: | (french) BeaEngine est une bibliothèque (library) que j’ai écrite en assembleur pour processeurs INTEL (avec masm32) qui permet de désassembler du code IA-32 ou EM64T en fournissant le mnémonic, le modrm, le sib, le regopcode et la taille de l’instruction. Cette bibliothèque est assez rapide et gère la totalité des opcodes INTEL. Cette lib est fournie avec les sources ainsi que quelques exemples d’utilisation. Elle est publiée sous licence X11. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | diStorm64 x86-64 Disasm Lib |
| ||
|---|---|---|---|---|
| Author: | Gil Dabah & Co. | |||
| Website: | http://www.ragestorm.net/distorm | |||
| Current version: | 1.7.27 | |||
| Last updated: | December 10, 2007 | |||
| Direct D/L link: | http://www.ragestorm.net/distorm/dl.php?id=11 | |||
| License type: | BSD license | |||
| Description: | Cross platform x86, x64, MMX, SSE, SSE2, SSE3, SSE4 and soon SSE5 support with open opcode database support (tools available, carefully examine the whole page, you're looking for disops.zip, at the moment available at http://www.ragestorm.net/distorm/dl.php?id=13) 'nough said. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Disasm32 |
| ||
|---|---|---|---|---|
| Author: | Russell Libby | |||
| Website: | http://users.adelphia.net/~rllibby/source.html | |||
| Current version: | ||||
| Last updated: | March 1, 2004 | |||
| Direct D/L link: | Locally archived copy | |||
| License type: | Free / Open Source | |||
| Description: | Delphi Disassembler Conversion of libdisasm 2.0. This is a Delphi conversion of the libdisasm project. The source code provides basic disassembly of Intel x86 instructions from a binary stream. The intent is to provide an easy to use disassembler class which can be called to disassemble instructions from memory. Disassembled information is in Intel syntax, as well as in an intermediate format which includes detailed instruction and operand type information. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Hacker Disassembler Engine (HDE) |
| ||
|---|---|---|---|---|
| Author: | Veacheslav Patkov | |||
| Website: | N/A | |||
| Current version: | 0.09 | |||
| Last updated: | October 26, 2007 | |||
| Direct D/L link: | Locally archived copy | |||
| License type: | Free | |||
| Description: | This is small disassembler engine intended to x86-32 code analyse. HDE get length of command, prefixes, ModR/M and SIB bytes, opcode, immediate value, displacement, etc. For example, you can use HDE when writing unpackers, decryptors, viruses of executable files. HDE package include compiled object files in difference formats, header files and assembler source. * Supports FPU, MMX, SSE, SSE2, SSE3, 3DNow! instructions * High speed and small size (660 bytes) * Position and OS independent code * Compatibility with a most coding languages | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | libdisasm |
| ||
|---|---|---|---|---|
| Author: | mammon_, ReZiDeNt, The Grugq, MO_K, a_p, fbj | |||
| Website: | http://bastard.sourceforge.net/libdisasm.html | |||
| Current version: | 0.23 | |||
| Last updated: | January 16, 2008 | |||
| Direct D/L link: | Locally archived copy | |||
| License type: | Free / Open Source | |||
| Description: | x86 Disassembler Library The libdisasm library provides basic disassembly of Intel x86 instructions from a binary stream. The intent is to provide an easy to use disassembler which can be called from any application; the disassembly can be produced in AT&T syntax and Intel syntax, as well as in an intermediate format which includes detailed instruction and operand type information. This disassembler is derived from libi386.so in the bastard project; as such it is x86 specific and will not be expanded to include other CPU architectures. Releases for libdisasm are generated automatically alongside releases of the bastard; it is not a standalone project, though it is a standalone library. The recent spate of objdump output analyzers has proven that many of the people [not necessarily programmers] interested in writing disassemblers have little knowledge of, or interest in, C programming; as a result, these "disassemblers" have been written in Perl. In order to address this audience, a HOWTO has been provided which demonstrates how to use the libdisasm opcode tables to implement a true disassembler using Perl. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | SysDasm |
| ||
|---|---|---|---|---|
| Author: | Kayaker | |||
| Website: | http://rootkit.com/newsread.php?newsid=208 | |||
| Current version: | ||||
| Last updated: | October 26, 2007 | |||
| Direct D/L link: | Locally archived copy | |||
| License type: | Free / Open Source | |||
| Description: | Full-Text Disassembler DLL Export Module for Kernel Mode I use the source code of NDISASM, the Netwide Disassembler portion of NASM, compiled into a user mode DLL, for use in various reversing projects that incorporate a disassembler component. Recently I decided to recompile the code into a *kernel mode* DLL, to see what use might be made of it in a driver context. The result may be of interest to some, perhaps as a self contained full-text disassembly module for testing or development (i.e. "playing"), or simply as an example of creating and using kernel mode export drivers. The full-text disassembly module, SysDasm.sys, is created with a single export, which acts as a wrapper around the NDISASM internal disasm routine. This export-only driver is loaded from another driver, either by linking to it explicitly, or by loading it with ZwSetSystemInformation using the SystemLoadImage class. In this type of export module, the DriverEntry routine is never called but exists so the file is compiled correctly as a .sys driver. If you want to design such a Kernel Mode DLL with functional entry/exit routines, you can add PRIVATE exports declared as DllInitialize/DllUnload. For more on this see for example DLLs in Kernel Mode by Tim Roberts http://www.wd-3.com/archive/KernelDlls.htm The easiest way to use such a kernel mode DLL is to include its .LIB file when compiling the driver which will communicate with it, and to declare the functions you want to import with EXTERN_C DECLSPEC_IMPORT. When the driver is loaded by the system, this second module is loaded as a required kernel DLL and the functions can then be called directly by name. The DLL is unloaded by the system when the driver closes. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Udis86 |
| ||
|---|---|---|---|---|
| Author: | Vivek Mohan | |||
| Website: | http://udis86.sourceforge.net | |||
| Current version: | 1.6 | |||
| Last updated: | August 5, 2007 | |||
| Direct D/L link: | N/A | |||
| License type: | Free / Open Source | |||
| Description: | Udis86 is an easy-to-use minimalistic disassembler library (libudis86) for the x86 and AMD64 (x86-64) range of instruction set architectures. The primary intent of the design and development of udis86 is to aid software development projects that entail binary code analysis. 1. Full support for the x86 and x86-64 (AMD64) range of instruction set architectures. 2. Full support for all AMD-V, INTEL-VMX, MMX, SSE, SSE2, SSE3, FPU(x87), and AMD 3Dnow! instructions. 3. Supports 16bit, 32bit, and 64bit disassembly modes. 4. Generates output in AT&T or INTEL assembler language syntaxes. 5. Supports flexbile input methods: File, Buffer, and Hooks. 6. Thread-safe and Reentrant. 7. Clean and very easy-to-use API. 8. Builds on *nix systems, Win32, DJGPP (new), Standalone, etc. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
Feed containing all updates and additions for this category.
Feed containing all updates and additions for this category, including sub-categories.
