|
Disassembler
A disassembler is a computer program that translates machine language into assembly language—the inverse operation to that of an assembler. The output of disassembly is typically formatted for human-readability rather than for input to an assembler, making disassemblers primarily a reverse-engineering tool. Common uses include analyzing the output of high-level programming language compilers and their optimizations, recovering source code when the original is lost, performing malware analysis, modifying software (such as binary patching), and software cracking. A disassembler differs from a decompiler, which targets a high-level language rather than an assembly language. Assembly language source code generally permits the use of constants and programmer comments. These are usually removed from the assembled machine code by the assembler. If so, a disassembler operating on the machine code would produce disassembly lacking these constants and comments; the disassembled output b ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer Program
A computer program is a sequence or set of instructions in a programming language for a computer to Execution (computing), execute. It is one component of software, which also includes software documentation, documentation and other intangible components. A ''computer program'' in its human-readable form is called source code. Source code needs another computer program to Execution (computing), execute because computers can only execute their native machine instructions. Therefore, source code may be Translator (computing), translated to machine instructions using a compiler written for the language. (Assembly language programs are translated using an Assembler (computing), assembler.) The resulting file is called an executable. Alternatively, source code may execute within an interpreter (computing), interpreter written for the language. If the executable is requested for execution, then the operating system Loader (computing), loads it into Random-access memory, memory and ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Interactive Disassembler
The Interactive Disassembler (IDA) is a disassembler for computer software which generates assembly language source code from machine-executable code. It supports a variety of executable formats for different processors and operating systems. It can also be used as a debugger for Windows PE, Mac OS X Mach-O, and Linux ELF executables. A decompiler plug-in, which generates a high level, C source code-like representation of the analysed program, is available at extra cost. IDA is used widely in software reverse engineering, including for malware analysis and software vulnerability research. IDA's decompiler is one of the most popular and widely used decompilation frameworks, and IDA has been called the "de-facto industry standard" for program disassembly and static binary analysis. History Ilfak Guilfanov began working on IDA in 1990, and initially distributed it as a shareware application. In 1996, the Belgian company DataRescue took over the development of I ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DEBUG (DOS Command)
The line-oriented debugger DEBUG.EXE is an external command in operating systems such as DOS, OS/2 and Windows (only in 16-bit/32-bit versions). DEBUG can act as an assembler, disassembler, or hex dump program allowing users to interactively examine memory contents (in assembly language, hexadecimal or ASCII), make changes, and selectively execute COM, EXE and other file types. It also has several subcommands which are used to access specific disk sectors, I/O ports and memory addresses. Overview Traditionally, all computers and operating systems have included a maintenance function, used to determine whether a program is working correctly. DEBUG was originally written by Tim Paterson to serve this purpose in 86-DOS. When Paterson began working for Microsoft in the early 1980s he brought the program with him. DEBUG was part of and has been included in MS-DOS/ PC DOS and certain versions of Microsoft Windows. Originally named DEBUG.COM, the executable was renamed into D ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Binary Ninja
Binary Ninja is a reverse-engineering platform developed by Vector 35 Inc. It allows users to disassemble a binary file and visualize the disassembly in both linear and graph-based views. The software performs automated, in-depth code analysis, generating information that helps to analyze a binary. It lifts assembly instructions into intermediate languages, generating decompiled code. Binary Ninja supports various CPU architectures and binary executable formats, and runs on Windows, macOS, and Linux. It also offers a free-to-use cloud version and a native commercial version. History Originally developed as an internal tool for a CTF team, the developers later formed Vector 35 Inc. to turn Binary Ninja into a commercial product. Development began in 2015, and the first public version was released in July 2016. The commercial version was developed from scratch and does not share code with the original internal tool. The latter one is now open-sourced under the GPLv2 license. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
GNU Binutils
The GNU Binary Utilities, or , is a collection of programming tools maintained by the GNU Project for working with executable code including assembly, linking and many other development operations. The tools are originally from Cygnus Solutions. The tools are typically used along with other GNU tools such as GNU Compiler Collection, and the GNU Debugger. Tools The tools include: elfutils Ulrich Drepper wrote , to partially replace GNU Binutils, purely for Linux and with support only for ELF and DWARF Dwarf, dwarfs or dwarves may refer to: Common uses *Dwarf (folklore), a supernatural being from Germanic folklore * Dwarf, a human or animal with dwarfism Arts, entertainment, and media Fictional entities * Dwarf (''Dungeons & Dragons''), a sh .... It distributes three libraries with it for programmatic access. See also * * * * * * * References External links * The ELF Tool Chain Project: the BSD license similar projectmirror {{DEFAULTSORT:Binutils ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Objdump
objdump is a command-line program for displaying various information about object files on Unix-like operating systems. For instance, it can be used as a disassembler to view an executable in assembly form. It is part of the GNU Binutils for fine-grained control over executables and other binary data. objdump uses the BFD library to read the contents of object files. Similar utilities are Borland TDUMP, Microsoft DUMPBIN and readelf. On certain platforms (e.g. macOS), the objdump binary may actually be a link to LLVM's objdump, with different command-line options and behavior. otool and nm perform analogous functions for Mach-O files. Example For example, $ objdump -D -M intel file.bin This disassembles the file file.bin, showing its assembly code in Intel syntax. Example output: 4004ed : 4004ed: 55 push rbp 4004ee: 48 89 e5 mov rbp,rsp 4004f1: c7 45 ec 00 00 00 00 mov DWORD PTR bp-0x140x0 4004f8: c7 45 f0 01 00 00 ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Debugger
A debugger is a computer program used to test and debug other programs (the "target" programs). Common features of debuggers include the ability to run or halt the target program using breakpoints, step through code line by line, and display or modify the contents of memory, CPU registers, and stack frames. The code to be examined might alternatively be running on an '' instruction set simulator'' (ISS), a technique that allows great power in its ability to halt when specific conditions are encountered, but which will typically be somewhat slower than executing the code directly on the appropriate (or the same) processor. Some debuggers offer two modes of operation, full or partial simulation, to limit this impact. An exception occurs when the program cannot normally continue because of a programming bug or invalid data. For example, the program might have tried to use an instruction not available on the current version of the CPU or attempted to access unavailable or pro ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Software Cracking
Software cracking (known as "breaking" mostly in the 1980s) is an act of removing copy protection from a software. Copy protection can be removed by applying a specific ''crack''. A ''crack'' can mean any tool that enables breaking software protection, a stolen product key, or guessed password. Cracking software generally involves circumventing licensing and usage restrictions on commercial software by illegal methods. These methods can include modifying code directly through disassembling and bit editing, sharing stolen product keys, or developing software to generate activation keys. Examples of ''crack''s are: applying a '' patch'' or by creating reverse-engineered serial number generators known as '' keygens'', thus bypassing software registration and payments or converting a trial/demo version of the software into fully-functioning software without paying for it. Software cracking contributes to the rise of online piracy where pirated software is distributed to end-users ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Digital Rights Management
Digital rights management (DRM) is the management of legal access to digital content. Various tools or technological protection measures, such as access control technologies, can restrict the use of proprietary hardware and copyrighted works. DRM technologies govern the use, modification and distribution of copyrighted works (e.g. software, multimedia content) and of systems that enforce these policies within devices. DRM technologies include licensing agreements and encryption. Laws in many countries criminalize the circumvention of DRM, communication about such circumvention, and the creation and distribution of tools used for such circumvention. Such laws are part of the United States' Digital Millennium Copyright Act (DMCA), and the European Union's Information Society Directive – with the French DADVSI an example of a member state of the European Union implementing that directive. Copyright holders argue that DRM technologies are necessary to protect intellectual proper ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Obfuscation (software)
In software development, obfuscation is the practice of creating source code, source or machine code that is intentionally difficult for humans or computers to understand. Similar to obfuscation in natural language, code obfuscation may involve using unnecessarily roundabout ways to write statements. Programmers often obfuscate code to conceal its purpose, logic, or embedded values. The primary reasons for doing so are to prevent Anti-tamper software, tampering, deter reverse engineering, or to create a puzzle or recreational challenge to deobfuscate the code, a challenge often included in Crackme, crackmes. While obfuscation can be done manually, it is more commonly performed using Executable compression, obfuscators. Overview The architecture and characteristics of some languages may make them easier to obfuscate than others. C (programming language), C, C++, and the Perl programming language are some examples of languages easy to obfuscate. Haskell (programming language), Hask ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Executable Compression
Executable compression is any means of compressing an executable file and combining the compressed data with decompression code into a single executable. When this compressed executable is executed, the decompression code recreates the original code from the compressed code before executing it. In most cases this happens transparently so the compressed executable can be used in exactly the same way as the original. Executable compressors are often referred to as executable packers, runtime packers, software packers, software protectors, or even " polymorphic packers" and " obfuscating tools". A compressed executable can be considered a self-extracting archive, where a compressed executable is packaged along with the relevant decompression code in an executable file. Some compressed executables can be decompressed to reconstruct the original program file without being directly executed. Two programs that can be used to do this are CUP386 and UNP. Most compressed executables dec ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Complex Instruction Set Computer
A complex instruction set computer (CISC ) is a computer architecture in which single instructions can execute several low-level operations (such as a load from memory, an arithmetic operation, and a memory store) or are capable of multi-step operations or addressing modes within single instructions. The term was retroactively coined in contrast to reduced instruction set computer (RISC) and has therefore become something of an umbrella term for everything that is not RISC, where the typical differentiating characteristic is that most RISC designs use uniform instruction length for almost all instructions, and employ strictly separate load and store instructions. Examples of CISC architectures include complex mainframe computers to simplistic microcontrollers where memory load and store operations are not separated from arithmetic instructions. Specific instruction set architectures that have been retroactively labeled CISC are System/360 through z/Architecture, the PDP-1 ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
