https://www.hex-rays.com/products/decompiler/

We are pleased to present our flagship product, the Hex-Rays Decompiler, which brings binary software analysis within reach of millions of programmers. It converts executable programs into a human readable C-like pseudocode text.

In comparison to low level assembly language, high level language representation in Hex-Rays has several advantages:

  • concise: requires less time to read it
  • structured: program logic is more obvious
  • dynamic: variable names and types can be changed on the fly
  • familiar: no need to learn the assembly language
  • cool: the most advanced decompiler ever built!

The pseudocode text is generated on the fly. Our technology is fast enough to analyze 99% of functions within a couple of seconds.

Currently the decompiler supports 32bit compiled generated code for the x86 and ARM processors. We plan to port it to other platforms and add a programmatic API. This will allow our customers to implement their own analysis methods. Vulnerability search, software validation, coverage analysis are the directions that immediately come to mind.

The decompiler runs on MS Windows. The GUI and text IDA versions are supported. In the text mode, only batch operation is available.

Limitations

The decompiler comes in two different flavors:

  • x86 decompiler (32-bit code)
  • ARM decompiler

Currently the decompiler can handle compiler generated code. Manually crafted code may be decompiled too but the results are usually worse than for compiler code. Support for other processors and 64-bit code will eventually be added (no deadlines are available, sorry).

Below are the most important limitations of our decompilers (all processors):

  • exception handling is not supported
  • type recovery is not performed
  • global program analysis is not performed

Limitations specific to x86:

  • 16-bit programs are not analyzed

Limitations specific to ARM:

  • floating point instructions are not supported
  • VFP/SIMD/Neon/... instructions are not supported
  • arguments passed partially on registers and partially on the stack are not supported

The Decompiler software is available for two platforms:

x86 and ARM.

IDA Starter is enough to use the decompiler.

Hex-Rays Decompiler的更多相关文章

  1. IDA Pro使用技巧

    DA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行流,Yes箭头默认为绿色,No箭头 ...

  2. IDA Pro基本简介

    IDA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行流,Yes箭头默认为绿色,No箭 ...

  3. IDA Pro使用技巧及大杂烩

    IDA Pro使用技巧及大杂烩 IDA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行 ...

  4. IDA 操作记录

    IDA 操作记录 1.加载文件 windows 下,用ida加载文件后,会在该文件同目录下生成几个文件,含义如下: .id0 : 二叉树数据库 .id1:    文件包含描述每个程序字节的标记 .na ...

  5. win10 服务(系统默认服务)注册表

    ---恢复内容开始--- Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services] ...

  6. quartus和modelsim中使用mif和hex文件

    .mif和.hex文件都是Quartus支持的数据文件格式,常被用作内存初始化文件.可是,M odelSim却不支持.mif文件,只支持.hex文件格式,这意味着如果你的设计采用了.mif文件 ,你的 ...

  7. 类型转换bin()、chr()、ord() 、int()、float()、str()、repr()、bytes()、tuple(s )、 list(s )   、unichr(x ) 、 ord(x )  、 hex(x )  、          type()数据类型查询

    1.bin() 将整数x转换为二进制字符串,如果x不为Python中int类型,x必须包含方法__index__()并且返回值为integer: 参数x:整数或者包含__index__()方法切返回值 ...

  8. HEX文件格式和其校验算法

    这次我将在原来的基础上(http://www.cnblogs.com/libra13179/p/5787084.html)继续讲解HEX文件的格式 打开app_valid_setting_apply. ...

  9. java Decompiler的bug

    java Decompiler 有一个明显的bug是, 之前的打开jar文件,会被缓存起来,如果再次打开同名jar文件(jar内容替换~!),会导致仍然显示原来内容! . 必须关闭Decompiler ...

  10. 使用Apache的Hex类实现Hex(16进制字符串和)和字节数组的互转

    包名称:org.apache.commons.codec.binary 类名称:org.apache.commons.codec.binary.Hex 1.字节数组(byte[])转为十六进制(Hex ...

随机推荐

  1. Linux入门(一)root密码设置和用户切换

    从这学期开始,本人将会亲自开一个Linux 专题学习包括Linux 常用命令,常见问题的一些解决方法,以及Linux系统下C和C++一些学习经验 下面这张图片是首次安装Ubuntu后第一次设置root ...

  2. Gitflow工作流

    什么是Gitflow工作流 Gitflow工作流定义了一个围绕项目发布的严格分支模型.虽然比功能分支工作流复杂几分,但提供了用于一个健壮的用于管理大型项目的框架. Gitflow工作流没有用超出功能分 ...

  3. (三)使用XML配置SQL映射器

    SqlSessionFactoryUtil.java package com.javaxk.util; import java.io.IOException; import java.io.Input ...

  4. 压力测试随笔之:JMeter,LoadRunner 相得益彰

    做压力测试,我喜欢先写 JMeter 脚本,功能测通以后再翻译成 LoadRunner 脚本,最后用 LoadRunner 完成压测.也许我是 Java 出身吧,对 JMeter 总是有一种亲切感用着 ...

  5. day6 xml文件格式的处理

        XML处理模块 xml是实现不同语言或程序之间进行数据交换的协议,跟json差不多,但json使用起来更简单,不过,古时候,在json还没诞生的黑暗年代,大家只能选择用xml呀,至今很多传统公 ...

  6. SRILM语言模型格式解读

    先看一下语言模型的输出格式 \data\ ngram = ngram = ngram = \-grams: -5.24036 'cause -0.2084827 -4.675221 'em -0.22 ...

  7. python开发学习-day14(jquery、ajax等)

    s12-20160421-day14 *:first-child { margin-top: 0 !important; } body>*:last-child { margin-bottom: ...

  8. hdoj2159 FATE(完全背包)

    题目链接 http://acm.hdu.edu.cn/showproblem.php?pid=2159 思路 每种怪都有无限个,所以使用完全背包来解决.这题比普通完全背包多了一个条件,就是杀怪的个数不 ...

  9. mac 用密钥远程登陆

    window远程登陆命令:mstsc A为本地主机(即用于控制其他主机的机器) ;B为远程主机(即被控制的机器Server), 假如ip为192.168.60.110;A和B的系统都是Linux 在A ...

  10. Hadoop整理四(Hadoop分布式计算框架MapReduce)

    Apache Hadoop YARN (Yet Another Resource Negotiator,另一种资源协调者)是一种新的 Hadoop 资源管理器,它是一个通用资源管理系统,可为上层应用提 ...