METASM - Assembly Manipulation Suite
Metasm is a cross-architecture assembler, disassembler, compiler, linker and debugger. It is written in pure Ruby.
It has some advanced features such as remote process manipulation, GCC-compatible preprocessor, automatic backtracking in the disassembler ("slicing"), C headers shrinking, linux/windows debugging API interface, a C compiler, a gdb-server compatible debugger, and various advanced features.
Metasm has been integrated into Metasploit, however the Metasploit trunk is not necessarily synced with the latest version.
Metasm has been written in such a way that it is easy to add a new architecture.
Architectures:
- Intel IA32 (16/32/64bits)
- MIPS
- PPC
- Maybe later:
- ARM
- Cell
- SPARC
File formats:
- Raw (for shellcodes)
- MZ, PE/COFF (32 and 64 bits)
- ELF (32 and 64 bits)
- Mach-O (incomplete) and UniversalBinary
- a few other (a.out, xcoff, nds)
More Information:
- README.
- Automatic binary deobfuscation (Yoann Guillot & Alexandre Gazet).
Post scriptum
|
Compliance Mandates
|
Related Articles
Code Auditing |
|
METASM |
|