https://www.hex-rays.com/products/decompiler/

We are pleased to present our flagship product, the Hex-Rays Decompiler, which brings binary software analysis within reach of millions of programmers. It converts executable programs into a human readable C-like pseudocode text.

In comparison to low level assembly language, high level language representation in Hex-Rays has several advantages:

  • concise: requires less time to read it
  • structured: program logic is more obvious
  • dynamic: variable names and types can be changed on the fly
  • familiar: no need to learn the assembly language
  • cool: the most advanced decompiler ever built!

The pseudocode text is generated on the fly. Our technology is fast enough to analyze 99% of functions within a couple of seconds.

Currently the decompiler supports 32bit compiled generated code for the x86 and ARM processors. We plan to port it to other platforms and add a programmatic API. This will allow our customers to implement their own analysis methods. Vulnerability search, software validation, coverage analysis are the directions that immediately come to mind.

The decompiler runs on MS Windows. The GUI and text IDA versions are supported. In the text mode, only batch operation is available.

Limitations

The decompiler comes in two different flavors:

  • x86 decompiler (32-bit code)
  • ARM decompiler

Currently the decompiler can handle compiler generated code. Manually crafted code may be decompiled too but the results are usually worse than for compiler code. Support for other processors and 64-bit code will eventually be added (no deadlines are available, sorry).

Below are the most important limitations of our decompilers (all processors):

  • exception handling is not supported
  • type recovery is not performed
  • global program analysis is not performed

Limitations specific to x86:

  • 16-bit programs are not analyzed

Limitations specific to ARM:

  • floating point instructions are not supported
  • VFP/SIMD/Neon/... instructions are not supported
  • arguments passed partially on registers and partially on the stack are not supported

The Decompiler software is available for two platforms:

x86 and ARM.

IDA Starter is enough to use the decompiler.

Hex-Rays Decompiler的更多相关文章

  1. IDA Pro使用技巧

    DA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行流,Yes箭头默认为绿色,No箭头 ...

  2. IDA Pro基本简介

    IDA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行流,Yes箭头默认为绿色,No箭 ...

  3. IDA Pro使用技巧及大杂烩

    IDA Pro使用技巧及大杂烩 IDA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行 ...

  4. IDA 操作记录

    IDA 操作记录 1.加载文件 windows 下,用ida加载文件后,会在该文件同目录下生成几个文件,含义如下: .id0 : 二叉树数据库 .id1:    文件包含描述每个程序字节的标记 .na ...

  5. win10 服务(系统默认服务)注册表

    ---恢复内容开始--- Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services] ...

  6. quartus和modelsim中使用mif和hex文件

    .mif和.hex文件都是Quartus支持的数据文件格式,常被用作内存初始化文件.可是,M odelSim却不支持.mif文件,只支持.hex文件格式,这意味着如果你的设计采用了.mif文件 ,你的 ...

  7. 类型转换bin()、chr()、ord() 、int()、float()、str()、repr()、bytes()、tuple(s )、 list(s )   、unichr(x ) 、 ord(x )  、 hex(x )  、          type()数据类型查询

    1.bin() 将整数x转换为二进制字符串,如果x不为Python中int类型,x必须包含方法__index__()并且返回值为integer: 参数x:整数或者包含__index__()方法切返回值 ...

  8. HEX文件格式和其校验算法

    这次我将在原来的基础上(http://www.cnblogs.com/libra13179/p/5787084.html)继续讲解HEX文件的格式 打开app_valid_setting_apply. ...

  9. java Decompiler的bug

    java Decompiler 有一个明显的bug是, 之前的打开jar文件,会被缓存起来,如果再次打开同名jar文件(jar内容替换~!),会导致仍然显示原来内容! . 必须关闭Decompiler ...

  10. 使用Apache的Hex类实现Hex(16进制字符串和)和字节数组的互转

    包名称:org.apache.commons.codec.binary 类名称:org.apache.commons.codec.binary.Hex 1.字节数组(byte[])转为十六进制(Hex ...

随机推荐

  1. Vue 实现countDown倒计时

    项目中要用到倒计时,用Vue 实现了一个 <template> <transition name="bkcd"> <div class="b ...

  2. Linux下./configure && make && make install 编译安装和卸载

    正常的编译安装/卸载: 源码的安装一般由3个步骤组成:配置(configure).编译(make).安装(make install).   configure文件是一个可执行的脚本文件,它有很多选项, ...

  3. MS-SQL2005服务器登录名、角色、数据库用户、角色、架构的关系

    MS SQL2005对2000进行了很大的改进,而用户关系这部分也变得相当复杂了,很多朋友都对此一知半解!下面,我将把我应用中总结的和大家分享下,先从概念入手,希望对不理解的朋友有点提示. 今天我们要 ...

  4. Hex Dump In Many Programming Languages

    Hex Dump In Many Programming Languages See also: ArraySumInManyProgrammingLanguages, CounterInManyPr ...

  5. Python学习:socket.gaierror: [Errno -8]

    在终端内打开python模式,利用如下代码查询本机hostname,这里举例为“xxMacBookPro.local”: import socket socket.gethostname() 在/et ...

  6. oracle配置ODBC

    摘自:http://www.cnblogs.com/shelvenn/p/3799849.html 我使用的Windows 10,64位的操作系统. 1.下载驱动包 base包:instantclie ...

  7. 21:包含min函数的栈

    import java.util.Stack; /** * 面试题21:包含min函数的栈 * 定义栈的数据结构,请在该类型中实现一个能够得到栈最小元素的min函数. */ public class ...

  8. 三、django rest_framework源码之权限流程剖析

    1 绪言 上一篇中分析了认证部分的源码,认证后的下一个环节就是权限判定了.事实上,权限判定肯定要与认证联合使用才行,因为认证部分不会对请求进行禁止或者是允许,而只是根据请求中用户信息进行用户身份判断, ...

  9. m3u8转mp4

    先进行一波操作 新建一个文件夹,里面床两个txt文件 如图 里面随意写一些内容 之后新建一个demo.bat文件.里面输入 copy /b 1.txt+2.txt new.txt 之后双击会有一个ne ...

  10. WMRouter:美团外卖Android开源路由框架

    WMRouter是一款Android路由框架,基于组件化的设计思路,功能灵活,使用也比较简单. WMRouter最初用于解决美团外卖C端App在业务演进过程中的实际问题,之后逐步推广到了美团其他App ...