8CUSTOMIZING DISASSEMBLY
So far, I’ve discussed basic binary analysis and disassembly techniques. But these basic techniques aren’t designed to handle obfuscated binaries that break standard disassembler assumptions or special-purpose analyses such as vulnerability scanning. Sometimes, even the scripting functionality offered by disassemblers isn’t enough to remedy this. In such cases, you can build your own specialized disassembly engine tailored to your needs.
In this chapter, you’ll learn how to implement a custom disassembler with Capstone, a disassembly framework that gives you full control over the entire analysis process. You’ll begin by exploring the Capstone API, using it to build a custom linear disassembler and a recursive disassembler. ...
Get Practical Binary Analysis now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
