x86/x86-64 assembler/jitter written in C#

  •        139

The project goal is to develop a library for generating machine code irrelatively to machine architecture. Assembler-like C# API is a bonus.

http://csasmjit.codeplex.com/

Tags
Implementation
License
Platform

   




Related Projects

ChrysaLisp - Parallel OS, with GUI, Terminal, OO Assembler, Class libraries, C-Script compiler, Lisp interpreter and more

  •    C++

Assembler/C-Script/Lisp 64 bit OS. MIMD, multi CPU, multi threaded, multi core, multi user. Runs on OSX or Linux for x64, PI64 Linux for Aarch64. Will move to bare metal eventually but it's useful for now to run hosted while experimenting. When time allows I will be doing a VM boot image for UniKernel type appliances and a WebAssembly target to play around within the browser.

WinREPL - x86 and x64 assembly "read-eval-print loop" shell for Windows

  •    C++

WinREPL is a "read-eval-print loop" shell on Windows that is useful for testing/learning x86 and x64 assembly. zerosum0x0/WinREPL is similar to yrp604/rappel (Linux) and Tyilo/asm_repl (Mac), but with a slightly different methodology that should allow for tricks such as self-modifying shellcode crypting/encoding. There is also enferex/asrepl for a Unicorn (emulated) version, but WinREPL is completely native inside a Windows process context.

xbyak - a JIT assembler for x86(IA-32)/x64(AMD64, x86-64) MMX/SSE/SSE2/SSE3/SSSE3/SSE4/FPU/AVX/AVX2/AVX-512 by C++ header

  •    C++

This is a header file which enables dynamically to assemble x86(IA32), x64(AMD64, x86-64) mnemonic. header file only you can use Xbyak's functions at once if xbyak.h is included.

Monate - Object Oriented Assembly

  •    Assembly

Monate is an Object Oriented Programming Assembly . It's a pre-assembler that compiles x86-x64 OOP assembly codes to non-OOP codes and then compiles them by FASM/NASM assembler . You can create classes and use them in your assembly codes . Monate is easy to use and powerful .

trapcc - Computing with traps

  •    C

This is a proof by construction that the Intel MMU's fault handling mechanism is Turing complete. We have constructed an assembler that translates 'Move, Branch if Zero, Decrement' instructions to C source that sets up various processor control tables. After this code has executed, the CPU computes by attempting to fault without ever executing a single instruction. Optionally, the assembler can also generate X86 instructions that will display variables in the VGA frame buffer and will cause control to be transferred between the native (display) instructions and 'weird machine' trap instructions. To read up on the awesome idea of weird machines and their uses, see @sergeybratus's and @halvarflake's work. In short, we are trying to find hidden state and derive computation of it in unexpected places. One practical use of this technique is for code obfuscation - many (kernel) debuggers will break due to the frequent context switches (esp. cooperative debuggers like KGDB) and analyzing the binary is going to be extraordinaly confusing, especially if normal X86 instructions and trap instructions are interleaved to do weird control transfer. Furthermore, out of the many virtual machines only Bochs runs such trap based programs correctly (and there are other tricks to distinguish bochs from a real box).


ArchAssembler

  •    CSharp

ArchAssembler is a .net (c#) library providing the functionalities of an assembler. Target architecture is x86/x64 with streaming SIMD extensions. Target executable file format is Windows Portable Executable (PE).

rewolf-wow64ext - Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems

  •    C++

WOW64Ext is a helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems. It enables x86 applications to read, write and enumerate memory of a native x64 applications. There is also possibility to call any x64 function from 64-bits version of NTDLL through a special function called X64Call(). As a bonus, wow64ext.h contains definitions of some structures that might be useful for programs that want to access PEB, TEB, TIB etc.

go-disruptor - A port of the LMAX Disruptor to the Go language.

  •    Go

This is a port of the LMAX Disruptor into the Go programming language. It retains the essence and spirit of the Disruptor and utilizes a lot of the same abstractions and concepts, but does not maintain the same API.On my MacBook Pro (Intel Core i7-4960HQ CPU @ 2.60GHz) using Go 1.4.2, I was able to push over 900 million messages per second (yes, you read that right) from one goroutine to another goroutine. The message being transferred between the two CPU cores was a simple, incrementing number, but literally could be anything. Note that your mileage may vary and that different operating systems can introduce significant “jitter” into the application by taking control of the CPU and invalidating the various CPU caches. Linux and Windows have the ability to assign a given process to specific CPU cores which reduces jitter significantly by keeping all the CPU caches hot. Parenthetically, when the Disruptor code is compiled and run on a Nexus 5, it can push about 15-20 million messages per second.

Simd - C++ image processing library with using of SIMD: SSE, SSE2, SSE3, SSSE3, SSE4

  •    C++

The Simd Library is a free open source image processing library, designed for C and C++ programmers. It provides many useful high performance algorithms for image processing such as: pixel format conversion, image scaling and filtration, extraction of statistic information from images, motion detection, object detection (HAAR and LBP classifier cascades) and classification, neural network. The algorithms are optimized with using of different SIMD CPU extensions. In particular the library supports following CPU extensions: SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, AVX, AVX2 and AVX-512 for x86/x64, VMX(Altivec) and VSX(Power7) for PowerPC (big-endian), NEON for ARM.

x64asm - x86-64 assembler library

  •    C++

Simplicity: x64 asm does NOT include a register allocator, instruction scheduler, control flow graph builder, or any of the features you would expect of a full compiler. It is a low-level library for building YOUR optimizing compiler. Completeness: x64asm supports the entire ring 3 application level subset of the x86_64 instruction set, including the most recent AVX2/BMI1/BMI2/FMA extensions.

rp - rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries

  •    C++

rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O (doesn't support the FAT binaries) x86/x64 binaries. It is open-source, documented with Doxygen (well, I'm trying to..) and has been tested on several OS: Debian / Windows 7 / FreeBSD / Mac OSX Lion (10.7.3). Moreover, it is x64 compatible. I almost forgot, it handles both Intel and AT&T syntax (beloved BeaEngine). By the way, the tool is a standalone executable ; I will upload static-compiled binaries for each OS. You can build very easily rp++ with CMake, it will generate a project file for your prefered IDE. There are some other things you will be able to do with rp++, like finding hexadecimal values, or strings, etc.

Nitrogen Assembler

  •    

Nitrogen Assembler. A new assembler for x86/x86-64.

Memory Leak Detector including CallStack Info for x86/x64 c++

  •    

i have rewrited this sources which were by David A. Jones to run in x64 and x86 mode.

Thumbnail me

  •    C++

Thumbnail me is a free and open source thumbnails generator built on movie thumbnailer. Thumbnail me is coded in C++ and uses the Qt 4.8.0 library. This software is actually available on Windows Xp / 2k3 / 2k8 / Vista / 7 x86/x64 and Linux x86/x64. Source Code : http://sourceforge.net/projects/thumbnailme/files/Sources/thumbnailme_3.0_Windows_Sources.zip/download Source Documentation : http://www.thumbnailme.com/doc

x64dbg - An open-source x64/x32 debugger for windows.

  •    C++

This is a community effort and we accept pull requests! See the CONTRIBUTING document for more information. If you have any questions you can always contact us or open an issue. You can take a look at the easy issues to get started. You can find an exhaustive list of GitHub contributers here.

lzham_codec - Lossless data compression codec with LZMA-like ratios but 1

  •    C++

LZHAM is a lossless data compression codec written in C/C++ (specifically C++03), with a compression ratio similar to LZMA but with 1.5x-8x faster decompression speed. It officially supports Linux x86/x64, Windows x86/x64, OSX, and iOS, with Android support on the way. LZHAM is a lossless (LZ based) data compression codec optimized for particularly fast decompression at very high compression ratios with a zlib compatible API. It's been developed over a period of 3 years and alpha versions have already shipped in many products. (The alpha is here: https://code.google.com/p/lzham/) LZHAM's decompressor is slower than zlib's, but generally much faster than LZMA's, with a compression ratio that is typically within a few percent of LZMA's and sometimes better.

AsmHighlighter - x86 ASM Syntax Highlighting AddIn for Visual Studio

  •    

AsmHighlighter is an extension to Visual Studio 2008 that provides syntax highlighting for x86 ASM language. MASM and NASM syntaxes are supported.

PeachPy - x86-64 assembler embedded in Python

  •    Python

PeachPy is a Python framework for writing high-performance assembly kernels. Now you can compile this code into a binary object file that you can link into a program...

RE-for-beginners - "Reverse Engineering for Beginners" free book

  •    TeX

Topics discussed: x86/x64, ARM/ARM64, MIPS, Java/JVM. Compiled versions can be found here: English, Russian, German and French.

ScyllaHide - Fork of ScyllaHide: https://bitbucket.org/NtQuery/scyllahide, Releases:

  •    C++

ScyllaHide is an advanced open-source x64/x86 usermode Anti-Anti-Debug library. It hooks various functions in usermode to hide debugging. This tool is intended to stay in usermode (ring3). If you need kernelmode (ring0) Anti-Anti-Debug please see TitanHide https://github.com/mrexodia/titanhide. PE x64 debugging is fully supported with plugins for x64dbg and IDA.