2015-05-16 11:05:17 +08:00
|
|
|
Zyan Disassembler Engine (Zydis)
|
2014-10-25 05:11:16 +08:00
|
|
|
==================================
|
2014-10-25 05:05:43 +08:00
|
|
|
|
|
|
|
Fast and lightweight x86/x86-64 disassembler library.
|
2014-10-25 05:11:16 +08:00
|
|
|
|
|
|
|
## Features ##
|
|
|
|
|
|
|
|
- Supports all x86 and x86-64 (AMD64) General purpose and System instructions.
|
|
|
|
- Supported ISA extensions:
|
|
|
|
- MMX, FPU (x87), AMD 3DNow
|
|
|
|
- SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, AES,
|
|
|
|
- AMD-V, INTEL-VMX, SMX
|
|
|
|
- Optimized for high performance
|
2014-11-03 22:15:48 +08:00
|
|
|
- Very small overhead compared to other common disassembler libraries (about 60KiB)
|
2014-10-25 05:11:16 +08:00
|
|
|
- Abstract formatter and symbol-resolver classes for custom syntax implementations.
|
|
|
|
- Intel syntax is implemented by default
|
2014-10-27 21:10:22 +08:00
|
|
|
- Complete doxygen documentation
|
2014-10-25 05:11:16 +08:00
|
|
|
|
2014-11-03 22:15:48 +08:00
|
|
|
## Quick Example ##
|
|
|
|
|
2015-05-16 11:05:17 +08:00
|
|
|
The following example program uses Zydis to disassemble a given memory buffer and prints the output to the console.
|
2014-11-03 22:15:48 +08:00
|
|
|
|
|
|
|
```C++
|
|
|
|
#include <tchar.h>
|
|
|
|
#include <iostream>
|
|
|
|
#include <stdint.h>
|
2015-05-16 11:05:17 +08:00
|
|
|
#include "Zydis.hpp"
|
2014-11-03 22:15:48 +08:00
|
|
|
|
2015-05-16 11:05:17 +08:00
|
|
|
using namespace Zydis;
|
2014-11-03 22:15:48 +08:00
|
|
|
|
|
|
|
int _tmain(int argc, _TCHAR* argv[])
|
|
|
|
{
|
|
|
|
uint8_t data[] =
|
|
|
|
{
|
|
|
|
0x90, 0xE9, 0x00, 0x00, 0x00, 0x00, 0xC3
|
|
|
|
};
|
2015-05-16 11:05:17 +08:00
|
|
|
MemoryInput input(&data[0], sizeof(data));
|
|
|
|
InstructionInfo info;
|
|
|
|
InstructionDecoder decoder;
|
|
|
|
decoder.setDisassemblerMode(ZydisMode::M32BIT);
|
2014-11-03 22:15:48 +08:00
|
|
|
decoder.setDataSource(&input);
|
|
|
|
decoder.setInstructionPointer(0);
|
2015-05-16 11:05:17 +08:00
|
|
|
IntelInstructionFormatter formatter;
|
2014-11-03 22:15:48 +08:00
|
|
|
while (decoder.decodeInstruction(info))
|
|
|
|
{
|
|
|
|
std::cout << formatter.formatInstruction(info) << std::endl;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
2014-10-25 05:11:16 +08:00
|
|
|
## Compilation ##
|
|
|
|
|
2015-05-16 11:05:17 +08:00
|
|
|
- While Zydis supports other compilers in theory, compilation has not been tested with any compiler other than MSVC12 (Visual Studio 2013)
|
2014-10-25 05:11:16 +08:00
|
|
|
- Multi-compiler support might be added in the future
|
|
|
|
|
|
|
|
## License ##
|
2015-05-16 11:05:17 +08:00
|
|
|
Zyan Disassembler Engine is licensed under the MIT License. Dependencies are under their respective licenses.
|