Reputation: 7387
Scriptable Windows Disassembler [non cygwin]
I'm currently trying to implement something that combines reverse engineering and graph theory. Therefore I'd like to disassemble PE binaries. There're some very sophisticated tools to do so, like IDA or w32dasm. Latter seems to be dead. IDA is not scriptable - as far as I know.
The reason why I want a scriptable disassembler is, that I implement my program in C#. It gets a binary, and therefore it has to get the opcode somehow. I think I need to call some helping program with arguments. IDA cannot be called without GUI. It doesn't offer real cmdline options.
Any ideas?
Thanks, wishi
Upvotes: 0
Views: 384
Answers (3)
Reputation: 9611
IDA can be scripted with Python. Version 5.5 even comes bundled with idapython.
Upvotes: 2
Reputation: 25177
IDA has a built-in scripting language called IDC. Lots of examples here. Also, IDA can be called without a GUI - consult the documentation for idaw.exe.
Upvotes: 5
Reputation: 40336
[dumpbin /disasm](http://msdn.microsoft.com/en-us/library/xtf7fdaz(VS.71).aspx) should do the trick. You could also script CDB to do it.
Upvotes: 1
Related Questions
- How do I decompile a .NET EXE into readable C# source code?
- Is it possible to "decompile" a Windows .exe? Or at least view the Assembly?
- Portable executable file analysing using c#
- Easy to use debugger for Portable Executable malware
- Disassembly code from visual studio
- Can I debug an Exe
- Annotated disassembly of executable
- Making space for added bytecode (machine code) in a Windows PE executable
- disassemble managed binary to get .cs code
- C# - Executables decompilable (can be reverse engineered)?