METASM - Assembly Manipulation Suite

9 October 2009

Metasm is a cross-architecture assembler, disassembler, compiler, linker and debugger. It is written in pure Ruby.

It has some advanced features such as remote process manipulation, GCC-compatible preprocessor, automatic backtracking in the disassembler ("slicing"), C headers shrinking, linux/windows debugging API interface, a C compiler, a gdb-server compatible debugger, and various advanced features.

Metasm has been integrated into Metasploit, however the Metasploit trunk is not necessarily synced with the latest version.

Metasm has been written in such a way that it is easy to add a new architecture.

Architectures:

Intel IA32 (16/32/64bits)
MIPS
PPC
Maybe later:
- ARM
- Cell
- SPARC

File formats:

Raw (for shellcodes)
MZ, PE/COFF (32 and 64 bits)
ELF (32 and 64 bits)
Mach-O (incomplete) and UniversalBinary
a few other (a.out, xcoff, nds)

More Information:

README.
Automatic binary deobfuscation (Yoann Guillot & Alexandre Gazet).

Post scriptum

To download metasm, you should use mercurial and clone the testing repository:
hg clone https://metasm.cr0.org/hg/metasm

Compliance Mandates

Code Auditing :
PCI/DSS 6.3.6, 6.3.7, 6.6, SOX A12.8, GLBA 16CFR Part 314.4(b) and (2);FISMA RA-5, SC-18, SA-11 SI-2, and ISO 27001/27002 (12.4.1, 12.4.3, 12.5)

Code Auditing	10 May 2010 : WebTest 1.2.1 - Testing Web Application with Python 7 May 2010 : fuu v0.1 Beta - [F]aster [U]niversal [U]npacker 24 April 2010 : Security Ninja security tool announcement 22 April 2010 : OWASP Code Crawler v2.7 released 7 April 2010 : CWE/SANS Top 25 list updated to v1.0.3
METASM	9 October 2009 : METASM - Assembly Manipulation Suite

METASM - Assembly Manipulation Suite

Post scriptum

Compliance Mandates

Related Articles

Follow us

Like us !

Most Read

Advertising

License

Categories

COMPANY

STANDARDS

RECENT POSTS

MENU