0

Capstone Engine

Capstone disassembly/disassembler framework(Capstone反汇编/反汇编器框架): Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.

Official Site
Github repo
Main metrics

Github stars Tracking Chart

Capstone 引擎

Capstone 是一个反汇编框架,目标是成为安全社区中二进制分析和反转的终极 disasm 引擎。

由 Nguyen Anh Quynh 创建,然后由一个小社区开发和维护,Capstone 提供了一些无与伦比的功能。

  • 支持多种硬件架构: ARM、ARM64(ARMv8)、Ethereum VM、M68K、Mips、MOS65XX、PPC、Sparc、SystemZ、TMS320C64X、M680X、XCore和X86(包括X86_64)。
  • 拥有简洁/简单/轻量/直观的架构中立的API。
  • 提供详细的反汇编指令(别人称之为 "分解器")。
  • 提供反汇编指令的语义,如读取和写入的隐含寄存器列表。
  • 用纯 C 语言实现,并为 D, Clojure, F#, Common Lisp, Visual Basic, PHP, PowerShell, Emacs, Haskell, Perl, Python, Ruby, C#, NodeJS, Java, GO, C++, OCaml, Lua, Rust, Delphi, Free Pascal & Vala 提供轻量级的绑定(可以在主代码中使用,也可以由社区从外部提供)。
  • 本地支持所有流行的平台。Windows, Mac OSX, iOS, Android, Linux, *BSD, Solaris 等。
  • 线程安全的设计。
  • 特别支持嵌入到固件或操作系统内核中。
  • 高性能,适合恶意软件分析(能够处理各种X86恶意软件的技巧)。
  • 以开放源码 BSD 许可证发布。

更多信息请访问 http://www.capstone-engine.org

编译

如何编译和安装 Capstone,请参见 COMPILE.TXT 文件。

文档资料

参见 文档/README,了解如何使用 Capstone 定制和编程自己的工具。

Hack

源代码的结构请参见 HACK.TXT 文件。

许可证

本项目采用 BSD 许可证发布。如果您重新发布 Capstone 的二进制或源代码,请在您的产品中附上文件 LICENSE.TXT。


(The first version translated by vz on 2020.09.19)

Overview

Name With Ownercapstone-engine/capstone
Primary LanguageC
Program languageC++ (Language Count: 18)
PlatformAndroid, BSD, iOS, Linux, Mac, Solaris, Windows
License:
Release Count37
Last Release Name5.0.1 (Posted on )
First Release Name1.0 (Posted on )
Created At2013-11-27 02:32:11
Pushed At2024-05-09 07:33:50
Last Commit At2023-01-19 12:15:47
Stargazers Count7.1k
Watchers Count303
Fork Count1.5k
Commits Count5.1k
Has Issues Enabled
Issues Count1186
Issue Open Count333
Pull Requests Count933
Pull Requests Open Count10
Pull Requests Close Count209
Has Wiki Enabled
Is Archived
Is Fork
Is Locked
Is Mirror
Is Private

Capstone Engine

Build Status
Build status
pypi package
pypi downloads

Capstone is a disassembly framework with the target of becoming the ultimate
disasm engine for binary analysis and reversing in the security community.

Created by Nguyen Anh Quynh, then developed and maintained by a small community,
Capstone offers some unparalleled features:

  • Support multiple hardware architectures: ARM, ARM64 (ARMv8), Ethereum VM, M68K,
    Mips, MOS65XX, PPC, Sparc, SystemZ, TMS320C64X, M680X, XCore and X86 (including X86_64).

  • Having clean/simple/lightweight/intuitive architecture-neutral API.

  • Provide details on disassembled instruction (called “decomposer” by others).

  • Provide semantics of the disassembled instruction, such as list of implicit
    registers read & written.

  • Implemented in pure C language, with lightweight bindings for D, Clojure, F#,
    Common Lisp, Visual Basic, PHP, PowerShell, Emacs, Haskell, Perl, Python,
    Ruby, C#, NodeJS, Java, GO, C++, OCaml, Lua, Rust, Delphi, Free Pascal & Vala
    (ready either in main code, or provided externally by the community).

  • Native support for all popular platforms: Windows, Mac OSX, iOS, Android,
    Linux, *BSD, Solaris, etc.

  • Thread-safe by design.

  • Special support for embedding into firmware or OS kernel.

  • High performance & suitable for malware analysis (capable of handling various
    X86 malware tricks).

  • Distributed under the open source BSD license.

Further information is available at http://www.capstone-engine.org

Compile

See COMPILE.TXT file for how to compile and install Capstone.

Documentation

See docs/README for how to customize & program your own tools with Capstone.

Hack

See HACK.TXT file for the structure of the source code.

License

This project is released under the BSD license. If you redistribute the binary
or source code of Capstone, please attach file LICENSE.TXT with your products.

To the top