New Series: Trusted Disassembler

For the past several years, I’ve been working on writing a new disassembly tool to compete with the likes of IDA Pro and objdump.

When I say compete, I don’t mean in the business sense. IDA Pro is a very well written and powerful tool with years of work put into it. It also focuses on a completely different user than the tool I’ve written. As per its namesake, IDA Pro is undoubtedly the most powerful interactive disassembler on the market and well worth its price. Objdump is also a well respected tool, and often utilized in research circles. It performs its intended job efficiently and admirably, however there are some unfortunate consequences in objdump’s analysis choices that lead to less-than-perfect and sometimes incorrect results.

What I mean when I say compete is to perform the task of disassembly itself in the most complete possible automatable manner. I need a disassembler that is automatic, meaning no human interaction beyond an invocation. I also need a disassembler that provides as complete as possible instruction listings, including aliased control flows, detection of jump targets through both opaque predicates and indirect references, and including return target detection.

As you can see, with these requirements, neither objdump or IDA Pro are up to the task. I’ll talk more about my tool and its features in future posts, as well as why it is more useful in certain applications than either of the other two main tools.

Leave a Reply

Your email address will not be published. Required fields are marked *