Welcome

What Architectures and Instruction Sets are Supported?

ARM32#

Relyze Desktop supports analyzing, disassembling and assembling 32 bit ARM, including Thumb and Thumb2 modes.

ARM64#

Relyze Desktop supports analyzing, disassembling and assembling 64 bit ARM (Refered to as either arm64 or Aarch64).

x86 and x64#

Relyze Desktop supports analyzing, disassembling and assembling both x86 and x64 code.

The following instruction set extensions are fully supported:

MMX, FPU (x87), 3DNow, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, SSE4a, FMA, FMA4, F16C, AES, AMD-V, INTEL-VMX, SMX, ADX, AVX, AVX2, XOP, BMI, BMI2, FSGSBASE, ABM/LZCNT, SHA, CLMUL, SGX, RDSEED, SMAP, INVPCID, RTM, XSAVE/XRSTOR, HLE, MPX and TBM.

Plugin Support#

Using the plugin framework, you can access an instruction’s raw decoding as shown in the simple examples below:

# Simple example to color an instruction based on its EFLAGS access.
 
def run
	result = cm.synchronize_write do
		# Pull out the RVA of the function the user has selected in the GUI
		func_rva = @relyze.tab_current_function_rva( cm ) || (break 'No function selected')
		# Pull out the corresponding function object
		func = cm.function( func_rva ) || (break 'Function not found')
		# Iterate over every block in the function
		func.blocks do | block |
			# Iterate over every instruction in the block
			block.instructions do | inst |
				# Pull out the instruction raw decoding
				raw = inst.to_raw
				# Color instruction that modify the ZF flag green 
				# and color instruction that test the ZF flag blue.
				if( raw[:flags][:zf] == :modified )
					inst.color = @relyze.rgb( 0, 128, 0 )
				elsif( raw[:flags][:zf] == :tested )
					inst.color = @relyze.rgb( 0, 0, 128 )
				else
					inst.color = nil
				end
			end
		end
		'Finished'
	end
	print_message( result )
	@relyze.update_gui
end

# Simple example to color every instruction in a function that writes to memory.

def run
	result = cm.synchronize_write do
		# Pull out the RVA of the function the user has selected in the GUI
		func_rva = @relyze.tab_current_function_rva( cm ) || (break 'No function selected')
		# Pull out the corresponding function object
		func = cm.function( func_rva ) || (break 'Function not found')
		# Iterate over every block in the function
		func.blocks do | block |
			# Iterate over every instruction in the block
			block.instructions do | inst |
				# Pull out the instruction raw decoding
				raw = inst.to_raw
				# Clear the instructions existing color
				inst.color = nil
				# Iterate over each operand looking for a memory write
				raw[:operands].each do | operand |
					if( operand[:write] and operand[:type] == :memory )
						inst.color = @relyze.rgb( 96, 255, 255 )
						break
					end
				end
			end
		end
		'Finished'
	end
	print_message( result )
	@relyze.update_gui
end

More general Articles

Other Articles