:[diStorm}: - The ultimate disassembler library

Tuesday, July 12 2005 @ 10:14 AM CEST

Contributed by: c4

Level : beginner

OS : all
Language : C

diStorm is a binary stream disassembler. It is capable of disassembling 80x86 instructions in both 16-bit and 32-bit modes. In addition, it disassembles the FPU, MMX, SSE, SSE2, SSE3 and 3DNow! (w/ extensions) instruction sets. diStorm was written to decode every instruction as accurately as possible. Robust decoding, with special care taken for valid or unused prefixes, is what makes this disassembler powerful, especially for research. Another benefit that might come in handy is that the module was written to be multi-threaded, which means you can disassemble several streams simultaneously. For rapid use, diStorm is compiled for Python.

The output consists of a few fields:
1) Offset of the disassembled instruction.
2) Size of the disassembled instruction.
3) Hex dump of the disassembled instruction in little-endian format (separated according to its operands).
4) Textual representation of the disassembled instruction in Intel format.
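
The four fields above, and the way the 16/32-bit mode and the operand-size prefix change them, shown by an added example that is not diStorm's code or API: a toy decoder for a handful of one-byte opcodes. The names `decode` and `SAMPLE` and the exact hex-dump spacing are assumptions made for this illustration.

```python
# Toy decoder for a few one-byte x86 opcodes. NOT diStorm's code or API.
REGS = ["ax", "cx", "dx", "bx", "sp", "bp", "si", "di"]
NO_OPERAND = {0x90: "nop", 0xCC: "int 3", 0xF4: "hlt"}  # 0x66 is unused here


def decode(code, bits=32, base=0):
    """Return one (offset, size, hex_dump, text) tuple per decoded instruction."""
    out, pos = [], 0
    while pos < len(code):
        start = pos
        # 0x66 = operand-size prefix; repeats are redundant, not a second flip.
        while pos < len(code) and code[pos] == 0x66:
            pos += 1
        wide = (bits == 32) != (pos > start)
        op = code[pos] if pos < len(code) else -1  # -1: stream ended in prefixes
        reg = ("e" if wide else "") + REGS[op & 7]
        imm, text = b"", None
        if op in NO_OPERAND:
            text = NO_OPERAND[op]
        elif 0x50 <= op <= 0x57:
            text = "push " + reg
        elif 0xB8 <= op <= 0xBF:
            want = 4 if wide else 2
            imm = code[pos + 1:pos + 1 + want]
            if len(imm) == want:  # otherwise the stream ends mid-instruction
                text = "mov %s, 0x%x" % (reg, int.from_bytes(imm, "little"))
        if text is None:
            # Unknown or truncated: report the first byte as data and resync.
            out.append((base + start, 1, "%02x" % code[start], "db 0x%02x" % code[start]))
            pos = start + 1
            continue
        hex_dump = code[start:pos + 1].hex() + (" " + imm.hex() if imm else "")
        out.append((base + start, pos + 1 + len(imm) - start, hex_dump, text))
        pos += 1 + len(imm)
    return out


# Constructed sample bytes (not taken from any real binary).
SAMPLE = bytes.fromhex("55b87856341266b83412666650ff")

if __name__ == "__main__":
    for bits in (32, 16):
        print("--- decoded as %d-bit code ---" % bits)
        for off, size, hexd, text in decode(SAMPLE, bits, base=0x1000):
            print("%08x (%02d) %-16s %s" % (off, size, hexd, text))
```

Decoding the same bytes in the wrong mode desynchronizes the stream: the 32-bit `mov eax` becomes a 16-bit `mov ax` followed by stray data bytes, which is why the mode has to be chosen before disassembly.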

More details about the decoding phase:



Download it here: www.ragestorm.net/distorm




http://www.reversing.be/article.php?story=2005071210143064