https://www.hex-rays.com/products/decompiler/

We are pleased to present our flagship product, the Hex-Rays Decompiler, which brings binary software analysis within reach of millions of programmers. It converts executable programs into a human readable C-like pseudocode text.

In comparison to low level assembly language, high level language representation in Hex-Rays has several advantages:

  • concise: requires less time to read it
  • structured: program logic is more obvious
  • dynamic: variable names and types can be changed on the fly
  • familiar: no need to learn the assembly language
  • cool: the most advanced decompiler ever built!

The pseudocode text is generated on the fly. Our technology is fast enough to analyze 99% of functions within a couple of seconds.

Currently the decompiler supports 32bit compiled generated code for the x86 and ARM processors. We plan to port it to other platforms and add a programmatic API. This will allow our customers to implement their own analysis methods. Vulnerability search, software validation, coverage analysis are the directions that immediately come to mind.

The decompiler runs on MS Windows. The GUI and text IDA versions are supported. In the text mode, only batch operation is available.

Limitations

The decompiler comes in two different flavors:

  • x86 decompiler (32-bit code)
  • ARM decompiler

Currently the decompiler can handle compiler generated code. Manually crafted code may be decompiled too but the results are usually worse than for compiler code. Support for other processors and 64-bit code will eventually be added (no deadlines are available, sorry).

Below are the most important limitations of our decompilers (all processors):

  • exception handling is not supported
  • type recovery is not performed
  • global program analysis is not performed

Limitations specific to x86:

  • 16-bit programs are not analyzed

Limitations specific to ARM:

  • floating point instructions are not supported
  • VFP/SIMD/Neon/... instructions are not supported
  • arguments passed partially on registers and partially on the stack are not supported

The Decompiler software is available for two platforms:

x86 and ARM.

IDA Starter is enough to use the decompiler.

Hex-Rays Decompiler的更多相关文章

  1. IDA Pro使用技巧

    DA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行流,Yes箭头默认为绿色,No箭头 ...

  2. IDA Pro基本简介

    IDA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行流,Yes箭头默认为绿色,No箭 ...

  3. IDA Pro使用技巧及大杂烩

    IDA Pro使用技巧及大杂烩 IDA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行 ...

  4. IDA 操作记录

    IDA 操作记录 1.加载文件 windows 下,用ida加载文件后,会在该文件同目录下生成几个文件,含义如下: .id0 : 二叉树数据库 .id1:    文件包含描述每个程序字节的标记 .na ...

  5. win10 服务(系统默认服务)注册表

    ---恢复内容开始--- Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services] ...

  6. quartus和modelsim中使用mif和hex文件

    .mif和.hex文件都是Quartus支持的数据文件格式,常被用作内存初始化文件.可是,M odelSim却不支持.mif文件,只支持.hex文件格式,这意味着如果你的设计采用了.mif文件 ,你的 ...

  7. 类型转换bin()、chr()、ord() 、int()、float()、str()、repr()、bytes()、tuple(s )、 list(s )   、unichr(x ) 、 ord(x )  、 hex(x )  、          type()数据类型查询

    1.bin() 将整数x转换为二进制字符串,如果x不为Python中int类型,x必须包含方法__index__()并且返回值为integer: 参数x:整数或者包含__index__()方法切返回值 ...

  8. HEX文件格式和其校验算法

    这次我将在原来的基础上(http://www.cnblogs.com/libra13179/p/5787084.html)继续讲解HEX文件的格式 打开app_valid_setting_apply. ...

  9. java Decompiler的bug

    java Decompiler 有一个明显的bug是, 之前的打开jar文件,会被缓存起来,如果再次打开同名jar文件(jar内容替换~!),会导致仍然显示原来内容! . 必须关闭Decompiler ...

  10. 使用Apache的Hex类实现Hex(16进制字符串和)和字节数组的互转

    包名称:org.apache.commons.codec.binary 类名称:org.apache.commons.codec.binary.Hex 1.字节数组(byte[])转为十六进制(Hex ...

随机推荐

  1. 缓存数据库-redis(订阅发布)

    一:Redis 发布订阅 Redis 发布订阅(pub/sub)是一种消息通信模式:发送者(pub)发送消息,订阅者(sub)接收消息. Redis 客户端可以订阅任意数量的频道. 下图展示了频道 c ...

  2. TF-搞不懂的TF矩阵加法

    看谷歌的demo mnist,卷积后加偏执量的代码 h_conv1 = tf.nn.relu(conv2d(x_image, W_conv1) + b_conv1)h_pool1 = max_pool ...

  3. 洛谷P1242 新汉诺塔

    传送门啦 首先要将第n个盘子从x到y,那么就要把比n小的盘子全部移到6-x-y,然后将n移到y 仔细想想:6代表的是3根初始柱,3根目标柱. 6-(x+y) 便是我们的中转柱了,因为到这个位置是最优的 ...

  4. Ajax请求中的async:false/true

    Ajax请求中的async:false/trueasync. 默认是 true,即为异步方式,$.ajax执行后,会继续执行ajax后面的脚本,直到服务器端返回数据后,触发$.ajax里的succes ...

  5. 高版本SQL备份在低版本SQL还原问题

    问题描述: 高版本SQL备份在低版本SQL还原问题(出现媒体簇的结构不正确)      分析原因: SQL版本兼容问题,SQL SERVER兼容级别是用作向下兼容用,高版本的SQL备份在低版本中不兼容 ...

  6. 有关c语言编程

    有关C语言编程 统计代码"行数" 对于统计代码"行数",行数不包括空白行和注释行.程序改进如下: while(fgets (mystring , 100 , f ...

  7. PHP性能调优---php-fpm - 启动参数及重要配置详解

    约定几个目录/usr/local/php/sbin/php-fpm/usr/local/php/etc/php-fpm.conf/usr/local/php/etc/php.ini 一,php-fpm ...

  8. dos批处理知识

    echo 命令 rem 命令 pause 命令 call 命令 start 命令 goto 命令 set 命令 编辑本段批处理符号简介 回显屏蔽 重定向1 与 重定向2 管道符号 转义符 逻辑命令符 ...

  9. 《精通Python设计模式》学习之原型模式

    暂时在工作中,还没有用到呢~~~ 以后要留意一下,主要用于复制对象副本, 然后又有自定义属性的地方. import copy from collections import OrderedDict c ...

  10. React + Reflux 渲染性能优化原理

    作者:ManfredHu 链接:http://www.manfredhu.com/2016/11/08/23-reactRenderingPrinciple 声明:版权所有,转载请保留本段信息,否则请 ...