
fdiskyou / Kcshell

Licence: bsd-3-clause
Simple Python3 based interactive assembly/disassembly shell for various architectures powered by Keystone/Capstone.


kcshell

What is it:

Simple Python3 based interactive assembly/disassembly shell for various architectures powered by Keystone/Capstone.

How to install it:

pip3 install kcshell

OR (assuming you have Keystone and Capstone build toolchains installed)

git clone https://github.com/fdiskyou/kcshell
cd kcshell
python setup.py install

Note: if for some reason the above doesn't work for you on a Debian-based Linux distro because package maintainers ¯\_(ツ)_/¯, try:

$ sudo apt-get install cmake
$ wget https://github.com/keystone-engine/keystone/archive/0.9.1.tar.gz
$ tar zxvf 0.9.1.tar.gz
$ cd keystone-0.9.1/
$ mkdir build
$ cd build/
$ ../make-share.sh 
$ sudo make install
$ sudo pip3 install kcshell

Usage

By default 'kcshell' starts in 'assembler' mode (x86 32 bits). You can change modes with 'setmode', and you can also change the default architecture for both the 'assembler' and 'disassembler' with 'setarch'.

$ kcshell
-=[ kcshell 0.0.4 ]=-
Default Assembler architecture is x86 (32 bits)
asm> lsmodes
disasm, asm
asm> setmode disasm
Default Disassembler architecture is x86 (32 bits)
disasm> lsarchs
x86, mips32, arm_t, x64, arm, x16, arm64, mips64
disasm> setarch x64
Disassembler architecture is now x64
disasm> 

To assemble instructions, just type them at the 'asm>' prompt. Several instructions can go on one line, separated by ';'.

asm> jmp esp
"\xff\xe4"
asm> xor eax, eax
"\x31\xc0"
asm> jmp -500
"\xe9\x07\xfe\xff\xff"
asm> add esp,-1500
"\x81\xc4\x24\xfa\xff\xff"
asm> xor ecx,ecx ; mov ch, 0xc8 ; mov esi, edi ; mov edi, esp ; rep movsb
"\x31\xc9\xb5\xc8\x89\xfe\x89\xe7\xf3\xa4"
asm> setarch x64
Assembler architecture is now x64
asm> inc rax
"\x48\xff\xc0"
asm> 

To go from opcodes to instructions, just type the bytes in '\x' notation at the 'disasm>' prompt.

disasm> \xff\xe4
0x00400000:     jmp     esp
disasm> \x31\xc0
0x00400000:     xor     eax, eax
disasm> \x31\xc9\xb5\xc8\x89\xfe\x89\xe7\xf3\xa4
0x00400000:	xor	ecx, ecx
0x00400002:	mov	ch, 0xc8
0x00400004:	mov	esi, edi
0x00400006:	mov	edi, esp
0x00400008:	rep movsb	byte ptr es:[edi], byte ptr [esi]
disasm> setarch x64
Disassembler architecture is now x64
disasm> \x48\xff\xc0
0x00400000:     inc     rax
disasm> 
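
A way to sanity-check the byte strings from the sessions above without either engine installed (an added example, not part of kcshell; the helper names are illustrative). It parses the '\x' notation the shell prints and accepts, then decodes the signed little-endian fields by hand. The 'jmp -500' bytes carry a displacement of -505, which is consistent with assembling at address 0, because x86 relative jumps are measured from the end of the 5-byte instruction.

```python
# Added example: helper names are illustrative, not part of kcshell.
import re
import struct

_ESC = re.compile(r'(?:\\x[0-9a-fA-F]{2})+')

def parse_escaped(text: str) -> bytes:
    """Turn kcshell-style '\\xff\\xe4' text (optionally double-quoted) into bytes."""
    body = text.strip().strip('"')
    if not _ESC.fullmatch(body):
        raise ValueError(f"not a \\x-escaped byte string: {text!r}")
    return bytes.fromhex(body.replace("\\x", ""))

def to_escaped(code: bytes) -> str:
    """Format bytes the way the asm prompt prints them."""
    return '"' + "".join(f"\\x{b:02x}" for b in code) + '"'

def jmp_target(code: bytes, base: int = 0) -> int:
    """Target of an x86 (32-bit) near jmp: E9 rel32 or EB rel8.

    The displacement is relative to the address of the *next* instruction.
    """
    if code[:1] == b"\xe9" and len(code) >= 5:
        (rel,) = struct.unpack_from("<i", code, 1)
        size = 5
    elif code[:1] == b"\xeb" and len(code) >= 2:
        (rel,) = struct.unpack_from("<b", code, 1)
        size = 2
    else:
        raise ValueError("not a complete E9/EB jmp")
    return (base + size + rel) & 0xFFFFFFFF

def imm32_after(code: bytes, prefix: bytes) -> int:
    """Signed little-endian imm32 that follows a known opcode/ModRM prefix."""
    if not code.startswith(prefix) or len(code) < len(prefix) + 4:
        raise ValueError("prefix mismatch or truncated immediate")
    return struct.unpack_from("<i", code, len(prefix))[0]

# Byte strings copied from the asm> session above.
JMP = parse_escaped(r'"\xe9\x07\xfe\xff\xff"')        # jmp -500
ADD = parse_escaped(r'"\x81\xc4\x24\xfa\xff\xff"')    # add esp,-1500

if __name__ == "__main__":
    print(hex(jmp_target(JMP)))            # 0xfffffe0c == -500 mod 2**32
    print(imm32_after(ADD, b"\x81\xc4"))   # -1500
    print(to_escaped(JMP))
```

Passing base=0x00400000 (the address the disasm prompt prints) to jmp_target gives the target the same bytes would reach if they were placed there.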

For help just use '?' or 'help <command>'.

asm> ?

Documented commands (type help <topic>):
========================================
EOF  exit  help  lsarchs  lsmodes  quit  setarch  setmode

asm> setmode disasm
Default Disassembler architecture is x86 (32 bits)
disasm> ?

Documented commands (type help <topic>):
========================================
EOF  exit  help  lsarchs  lsmodes  quit  setarch  setmode

disasm>

To list all the supported architectures just go to the desired mode and use 'lsarchs'.

asm> lsarchs
mips64, sparc64, sparc, arm_t, x64, x16, arm64, hexagon, systemz, mips32, ppc64, x86, arm, ppc32
asm> lsmodes
asm, disasm
asm> setmode disasm
Default Disassembler architecture is x86 (32 bits)
disasm> lsarchs
mips64, x16, arm64, mips32, arm_t, x86, arm, x64
disasm> 
