8CUSTOMIZING DISASSEMBLY
So far, I’ve discussed basic binary analysis and disassembly techniques. But these basic techniques aren’t designed to handle obfuscated binaries that break standard disassembler assumptions or special-purpose analyses such as vulnerability scanning. Sometimes, even the scripting functionality offered by disassemblers isn’t enough to remedy this. In such cases, you can build your own specialized disassembly engine tailored to your needs.
In this chapter, you’ll learn how to implement a custom disassembler with Capstone, a disassembly framework that gives you full control over the entire analysis process. You’ll begin by exploring the Capstone API, using it to build a custom linear disassembler and a recursive disassembler. ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access