Welcome

What Architectures and Instruction Sets are Supported?

ARM32

Relyze Desktop supports analyzing, disassembling and assembling 32 bit ARM, including Thumb and Thumb2 modes.

ARM64

Relyze Desktop supports analyzing, disassembling and assembling 64 bit ARM (Refered to as either arm64 or Aarch64).

x86 and x64

Relyze Desktop supports analyzing, disassembling and assembling both x86 and x64 code.

The following instruction set extensions are fully supported:

MMX, FPU (x87), 3DNow, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, SSE4a, FMA, FMA4, F16C, AES, AMD-V, INTEL-VMX, SMX, ADX, AVX, AVX2, XOP, BMI, BMI2, FSGSBASE, ABM/LZCNT, SHA, CLMUL, SGX, RDSEED, SMAP, INVPCID, RTM, XSAVE/XRSTOR, HLE, MPX and TBM.

Plugin Support

Using the plugin framework, you can access an instruction’s raw decoding as shown in the simple examples below:

# Simple example to color an instruction based on its EFLAGS access.
 
def run
	result = cm.synchronize_write do
		# Pull out the RVA of the function the user has selected in the GUI
		func_rva = @relyze.tab_current_function_rva( cm ) || (break 'No function selected')
		# Pull out the corresponding function object
		func = cm.function( func_rva ) || (break 'Function not found')
		# Iterate over every block in the function
		func.blocks do | block |
			# Iterate over every instruction in the block
			block.instructions do | inst |
				# Pull out the instruction raw decoding
				raw = inst.to_raw
				# Color instruction that modify the ZF flag green 
				# and color instruction that test the ZF flag blue.
				if( raw[:flags][:zf] == :modified )
					inst.color = @relyze.rgb( 0, 128, 0 )
				elsif( raw[:flags][:zf] == :tested )
					inst.color = @relyze.rgb( 0, 0, 128 )
				else
					inst.color = nil
				end
			end
		end
		'Finished'
	end
	print_message( result )
	@relyze.update_gui
end

# Simple example to color every instruction in a function that writes to memory.

def run
	result = cm.synchronize_write do
		# Pull out the RVA of the function the user has selected in the GUI
		func_rva = @relyze.tab_current_function_rva( cm ) || (break 'No function selected')
		# Pull out the corresponding function object
		func = cm.function( func_rva ) || (break 'Function not found')
		# Iterate over every block in the function
		func.blocks do | block |
			# Iterate over every instruction in the block
			block.instructions do | inst |
				# Pull out the instruction raw decoding
				raw = inst.to_raw
				# Clear the instructions existing color
				inst.color = nil
				# Iterate over each operand looking for a memory write
				raw[:operands].each do | operand |
					if( operand[:write] and operand[:type] == :memory )
						inst.color = @relyze.rgb( 96, 255, 255 )
						break
					end
				end
			end
		end
		'Finished'
	end
	print_message( result )
	@relyze.update_gui
end

More general Articles

Other Articles