disassembly

Are there any libraries, callable from .NET, where I can pass in binary data and have it disassembled to x86 assembly code? If you don't mind binding to an unmanaged dll using P/Invoke, have a look at beaengine , its the best disassembler library your likely to find. libdisasm The libdisasm library provides basic disassembly of Intel x86 instructions from a binary stream. The intent is to provide an easy to use disassembler which can be called from any application; the disassembly can be produced in AT&T syntax and Intel syntax, as well as in an intermediate format which includes detailed

I need to compare few function calls and signature between my application and an working application. Here I don't mean any way to reverse engineer or access the source code of the other application , but truly need to know what are the methods , Interfaces used by the working application. I tried attaching my application to Visual Studio and then , Start>Debug , but this doesn't provide any useful information. Any help. Reflector Pro Visual Studio plug in can debug not only exe you write, but any other assembly ;) you can debug code, but once its compiled, its machine language and a debugger

I have an object file and am trying to disassemble it. When I use: objdump -d example.o I get an assembly in code in the file format of elf64-x86-64 . I am trying to disassemble this into ARM, how do I go about doing this? If you want to do disassemble of ARM code, you'd better have an ARM tool chain, this is what I got: http://bb.osmocom.org/trac/wiki/toolchain After you have this, you can use arm-elf-objdump instead of objdump. The command I used is arm-elf-objdump -D -b binary -marm binaryfile.dat If you look the manpage, you will find "-b" is followed by the file type. Sorry I don't know

I am working on a very low level part of the application in which performance is critical. While investigating the generated assembly, I noticed the following instruction: lea eax,[edx*8+8] I am used to seeing additions when using memory references (e.g. [edx+4]), but this is the first time I see a multiplication. Does this mean that the x86 processor can perform simple multiplications in the lea instruction? Does this multiplication have an impact on the number of cycles needed to execute the instruction? Is the multiplication limited to powers of 2 (I would assume this is the case)? Thanks

Say I do: #!/usr/bin/env python # encoding: utf-8 class A(object): pass Now I disassemble it: python -m dis test0.py 4 0 LOAD_CONST 0 ('A') 3 LOAD_NAME 0 (object) 6 BUILD_TUPLE 1 9 LOAD_CONST 1 (<code object A at 0x1004ebb30, file "test0.py", line 4>) 12 MAKE_FUNCTION 0 15 CALL_FUNCTION 0 18 BUILD_CLASS 19 STORE_NAME 1 (A) 22 LOAD_CONST 2 (None) 25 RETURN_VALUE Now I add some statements in the class definition: #!/usr/bin/env python # encoding: utf-8 class A(object): print 'hello' 1+1 pass And I disassemble again: 4 0 LOAD_CONST 0 ('A') 3 LOAD_NAME 0 (object) 6 BUILD_TUPLE 1 9 LOAD_CONST 1 (