|
Disassembler
A disassembler is a computer program that translates machine language into assembly language—the inverse operation to that of an assembler. The output of disassembly is typically formatted for human-readability rather than for input to an assembler, making disassemblers primarily a reverse-engineering tool. Common uses include analyzing the output of high-level programming language compilers and their optimizations, recovering source code when the original is lost, performing malware analysis, modifying software (such as binary patching), and software cracking. A disassembler differs from a decompiler, which targets a high-level language rather than an assembly language. Assembly language source code generally permits the use of constants and programmer comments. These are usually removed from the assembled machine code by the assembler. If so, a disassembler operating on the machine code would produce disassembly lacking these constants and comments; the disassembled outpu ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Assembly Language
In computing, assembly language (alternatively assembler language or symbolic machine code), often referred to simply as assembly and commonly abbreviated as ASM or asm, is any low-level programming language with a very strong correspondence between the instructions in the language and the architecture's machine code instructions. Assembly language usually has one statement per machine instruction (1:1), but constants, comments, assembler directives, symbolic labels of, e.g., memory locations, registers, and macros are generally also supported. The first assembly code in which a language is used to represent machine code instructions is found in Kathleen and Andrew Donald Booth's 1947 work, ''Coding for A.R.C.''. Assembly code is converted into executable machine code by a utility program referred to as an '' assembler''. The term "assembler" is generally attributed to Wilkes, Wheeler and Gill in their 1951 book '' The Preparation of Programs for an Electronic Dig ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Interactive Disassembler
The Interactive Disassembler (IDA) is a disassembler for computer software which generates assembly language source code from machine-executable code. It supports a variety of executable formats for different processors and operating systems. It can also be used as a debugger for Windows PE, Mac OS X Mach-O, and Linux ELF executables. A decompiler plug-in, which generates a high level, C source code-like representation of the analysed program, is available at extra cost. IDA is used widely in software reverse engineering, including for malware analysis and software vulnerability research. IDA's decompiler is one of the most popular and widely used decompilation frameworks, and IDA has been called the "de-facto industry standard" for program disassembly and static binary analysis. History Ilfak Guilfanov began working on IDA in 1990, and initially distributed it as a shareware application. In 1996, the Belgian company DataRescue took over the development of I ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DEBUG (DOS Command)
The line-oriented debugger DEBUG.EXE is an external command in operating systems such as DOS, OS/2 and Windows (only in 16-bit/32-bit versions). DEBUG can act as an assembler, disassembler, or hex dump program allowing users to interactively examine memory contents (in assembly language, hexadecimal or ASCII), make changes, and selectively execute COM, EXE and other file types. It also has several subcommands which are used to access specific disk sectors, I/O ports and memory addresses. Overview Traditionally, all computers and operating systems have included a maintenance function, used to determine whether a program is working correctly. DEBUG was originally written by Tim Paterson to serve this purpose in 86-DOS. When Paterson began working for Microsoft in the early 1980s he brought the program with him. DEBUG was part of and has been included in MS-DOS/ PC DOS and certain versions of Microsoft Windows. Originally named DEBUG.COM, the executable was renamed into D ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Malware Analysis
Malware analysis is the study or process of determining the functionality, origin and potential impact of a given malware sample such as a virus, worm, trojan horse, rootkit, or backdoor. Malware or malicious software is any computer software intended to harm the host operating system or to steal sensitive data from users, organizations or companies. Malware may include software that gathers user information without permission. Use cases There are three typical use cases that drive the need for malware analysis: * Computer security incident management: If an organization discovers or suspects that some malware may have gotten into its systems, a response team may wish to perform malware analysis on any potential samples that are discovered during the investigation process to determine if they are malware and, if so, what impact that malware might have on the systems within the target organizations' environment. * Malware research: Academic or industry malware researchers may per ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Decompiler
A decompiler is a computer program that translates an executable file back into high-level source code. Unlike a compiler, which converts high-level code into machine code, a decompiler performs the reverse process. While disassemblers translate executables into assembly language, decompilers go a step further by reconstructing the disassembly into higher-level languages like C. Due to the one-way nature of the compilation process, decompilers usually cannot perfectly recreate the original source code. They often produce obfuscated and less readable code. Introduction Decompilation is the process of transforming executable code into a high-level, human-readable format using a decompiler. This process is commonly used for tasks that involve reverse-engineering the logic behind executable code, such as recovering lost or unavailable source code. Decompilers face inherent challenges due to the loss of critical information during the compilation process, such as variable names, c ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Software Cracking
Software cracking (known as "breaking" mostly in the 1980s) is an act of removing copy protection from a software. Copy protection can be removed by applying a specific ''crack''. A ''crack'' can mean any tool that enables breaking software protection, a stolen product key, or guessed password. Cracking software generally involves circumventing licensing and usage restrictions on commercial software by illegal methods. These methods can include modifying code directly through disassembling and bit editing, sharing stolen product keys, or developing software to generate activation keys. Examples of ''crack''s are: applying a '' patch'' or by creating reverse-engineered serial number generators known as '' keygens'', thus bypassing software registration and payments or converting a trial/demo version of the software into fully-functioning software without paying for it. Software cracking contributes to the rise of online piracy where pirated software is distributed to end-users ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Machine Code
In computer programming, machine code is computer code consisting of machine language instructions, which are used to control a computer's central processing unit (CPU). For conventional binary computers, machine code is the binaryOn nonbinary machines it is, e.g., a decimal representation. representation of a computer program that is actually read and interpreted by the computer. A program in machine code consists of a sequence of machine instructions (possibly interspersed with data). Each machine code instruction causes the CPU to perform a specific task. Examples of such tasks include: # Load a word from memory to a CPU register # Execute an arithmetic logic unit (ALU) operation on one or more registers or memory locations # Jump or skip to an instruction that is not the next one In general, each architecture family (e.g., x86, ARM) has its own instruction set architecture (ISA), and hence its own specific machine code language. There are exceptions, such as the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Reverse Engineering
Reverse engineering (also known as backwards engineering or back engineering) is a process or method through which one attempts to understand through deductive reasoning how a previously made device, process, system, or piece of software accomplishes a task with very little (if any) insight into exactly how it does so. Depending on the system under consideration and the technologies employed, the knowledge gained during reverse engineering can help with repurposing obsolete objects, doing security analysis, or learning how something works. Although the process is specific to the object on which it is being performed, all reverse engineering processes consist of three basic steps: information extraction, modeling, and review. Information extraction is the practice of gathering all relevant information for performing the operation. Modeling is the practice of combining the gathered information into an abstract model, which can be used as a guide for designing the new object or syst ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Compiler
In computing, a compiler is a computer program that Translator (computing), translates computer code written in one programming language (the ''source'' language) into another language (the ''target'' language). The name "compiler" is primarily used for programs that translate source code from a high-level programming language to a lower level language, low-level programming language (e.g. assembly language, object code, or machine code) to create an executable program.Compilers: Principles, Techniques, and Tools by Alfred V. Aho, Ravi Sethi, Jeffrey D. Ullman - Second Edition, 2007 There are many different types of compilers which produce output in different useful forms. A ''cross-compiler'' produces code for a different Central processing unit, CPU or operating system than the one on which the cross-compiler itself runs. A ''bootstrap compiler'' is often a temporary compiler, used for compiling a more permanent or better optimised compiler for a language. Related software ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Software Cracking
Software cracking (known as "breaking" mostly in the 1980s) is an act of removing copy protection from a software. Copy protection can be removed by applying a specific ''crack''. A ''crack'' can mean any tool that enables breaking software protection, a stolen product key, or guessed password. Cracking software generally involves circumventing licensing and usage restrictions on commercial software by illegal methods. These methods can include modifying code directly through disassembling and bit editing, sharing stolen product keys, or developing software to generate activation keys. Examples of ''crack''s are: applying a '' patch'' or by creating reverse-engineered serial number generators known as '' keygens'', thus bypassing software registration and payments or converting a trial/demo version of the software into fully-functioning software without paying for it. Software cracking contributes to the rise of online piracy where pirated software is distributed to end-users ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
