https://www.hex-rays.com/products/decompiler/

We are pleased to present our flagship product, the Hex-Rays Decompiler, which brings binary software analysis within reach of millions of programmers. It converts executable programs into a human readable C-like pseudocode text.

In comparison to low level assembly language, high level language representation in Hex-Rays has several advantages:

  • concise: requires less time to read it
  • structured: program logic is more obvious
  • dynamic: variable names and types can be changed on the fly
  • familiar: no need to learn the assembly language
  • cool: the most advanced decompiler ever built!

The pseudocode text is generated on the fly. Our technology is fast enough to analyze 99% of functions within a couple of seconds.

Currently the decompiler supports 32bit compiled generated code for the x86 and ARM processors. We plan to port it to other platforms and add a programmatic API. This will allow our customers to implement their own analysis methods. Vulnerability search, software validation, coverage analysis are the directions that immediately come to mind.

The decompiler runs on MS Windows. The GUI and text IDA versions are supported. In the text mode, only batch operation is available.

Limitations

The decompiler comes in two different flavors:

  • x86 decompiler (32-bit code)
  • ARM decompiler

Currently the decompiler can handle compiler generated code. Manually crafted code may be decompiled too but the results are usually worse than for compiler code. Support for other processors and 64-bit code will eventually be added (no deadlines are available, sorry).

Below are the most important limitations of our decompilers (all processors):

  • exception handling is not supported
  • type recovery is not performed
  • global program analysis is not performed

Limitations specific to x86:

  • 16-bit programs are not analyzed

Limitations specific to ARM:

  • floating point instructions are not supported
  • VFP/SIMD/Neon/... instructions are not supported
  • arguments passed partially on registers and partially on the stack are not supported

The Decompiler software is available for two platforms:

x86 and ARM.

IDA Starter is enough to use the decompiler.

Hex-Rays Decompiler的更多相关文章

  1. IDA Pro使用技巧

    DA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行流,Yes箭头默认为绿色,No箭头 ...

  2. IDA Pro基本简介

    IDA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行流,Yes箭头默认为绿色,No箭 ...

  3. IDA Pro使用技巧及大杂烩

    IDA Pro使用技巧及大杂烩 IDA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行 ...

  4. IDA 操作记录

    IDA 操作记录 1.加载文件 windows 下,用ida加载文件后,会在该文件同目录下生成几个文件,含义如下: .id0 : 二叉树数据库 .id1:    文件包含描述每个程序字节的标记 .na ...

  5. win10 服务(系统默认服务)注册表

    ---恢复内容开始--- Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services] ...

  6. quartus和modelsim中使用mif和hex文件

    .mif和.hex文件都是Quartus支持的数据文件格式,常被用作内存初始化文件.可是,M odelSim却不支持.mif文件,只支持.hex文件格式,这意味着如果你的设计采用了.mif文件 ,你的 ...

  7. 类型转换bin()、chr()、ord() 、int()、float()、str()、repr()、bytes()、tuple(s )、 list(s )   、unichr(x ) 、 ord(x )  、 hex(x )  、          type()数据类型查询

    1.bin() 将整数x转换为二进制字符串,如果x不为Python中int类型,x必须包含方法__index__()并且返回值为integer: 参数x:整数或者包含__index__()方法切返回值 ...

  8. HEX文件格式和其校验算法

    这次我将在原来的基础上(http://www.cnblogs.com/libra13179/p/5787084.html)继续讲解HEX文件的格式 打开app_valid_setting_apply. ...

  9. java Decompiler的bug

    java Decompiler 有一个明显的bug是, 之前的打开jar文件,会被缓存起来,如果再次打开同名jar文件(jar内容替换~!),会导致仍然显示原来内容! . 必须关闭Decompiler ...

  10. 使用Apache的Hex类实现Hex(16进制字符串和)和字节数组的互转

    包名称:org.apache.commons.codec.binary 类名称:org.apache.commons.codec.binary.Hex 1.字节数组(byte[])转为十六进制(Hex ...

随机推荐

  1. OKR.2019

    转眼又一年过去了,回顾审视一年的得失,规划下一年的奋斗目标.Review And Planning,让全新的2019迎来全新的自己. O1 学习软件开发技术知识 KR1.1 阅读<CLR via ...

  2. MyBatis3-实现MyBatis分页

    此文章中的例子是沿用上一篇文章http://www.cnblogs.com/EasonJim/p/7055499.html的Spring MVC集成的例子改装的. MyBatis分页有以下方式实现: ...

  3. js中的事件委托或是事件代理

    JavaScript(jQuery)中的事件委托 https://www.cnblogs.com/zhoushengxiu/p/5703095.html js中的事件委托或是事件代理详解 https: ...

  4. C#比较时分秒大小,终止分钟默认加十分钟,解决跨天、跨月、跨年的情况

    private void cmbInHostimes_SelectedIndexChanged(object sender, EventArgs e) { DataRow[] dr; if (chkM ...

  5. python类型学习

    python类型学习 标准类型 数字 Integer 整型 Boolean 布尔型 Long integer 长整型 Floating point real numer  浮点型 Complex nu ...

  6. php单双引号嵌套解决方案

    代码如下: <?php $path = "./"; function show_files($path){ //下面是单双引号嵌套解决方案 //echo "< ...

  7. 学习python绘图

    学会python画图 # 使用清华的pip源进行安装sklearn # pip install -i https://pypi.tuna.tsinghua.edu.cn/simple -U sciki ...

  8. Spring MVC之JSON数据交互和RESTful的支持

    1.JSON概述 1.1 什么是JSON JSON(JavaScript Object Notation,JS对象标记)是一种轻量级的数据交换格式.它是基于JavaScript的一个子集,使用了C.C ...

  9. CI框架整合UEditor编辑器上传功能

    最近项目中要使用到富文本编辑器,选用了功能强大的UEditor,接下来就来讲讲UEditor编辑器的上传功能整合. 本文UEditor版本:ueditor1_4_3_utf8_php版本 第一步:部署 ...

  10. 浅谈C#中的值类型和引用类型

    在C#中,值类型和引用类型是相当重要的两个概念,必须在设计类型的时候就决定类型实例的行为.如果在编写代码时不能理解引用类型和值类型的区别,那么将会给代码带来不必要的异常.很多人就是因为没有弄清楚这两个 ...