From cfd676e3769bf43b3eae24607e8b05b5db6fb9d2 Mon Sep 17 00:00:00 2001
From: firmianay
Date: Thu, 19 Oct 2017 19:45:19 +0800
Subject: [PATCH] add capstone
---
 README.md | 1 +
 SUMMARY.md | 1 +
 doc/2.6_idapro.md | 3 ++-
 doc/5.7_cap-keystone.md | 1 +
 doc/5_advanced.md | 1 +
 5 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 doc/5.7_cap-keystone.md
diff --git a/README.md b/README.md
index aa2dbdd..c3fc978 100644
--- a/README.md
+++ b/README.md
@@ -55,6 +55,7 @@
 - [5.4 反调试技术](doc/5.4_antidbg.md)
 - [5.5 符号执行](doc/5.5_symbolic.md)
 - [5.6 LLVM](doc/5.6_llvm.md)
+ - [5.7 Capstone/Keystone](doc/5.7_cap-keystone.md)
 - [六、附录](doc/6_appendix.md)
 - [6.1 更多 Linux 工具](doc/6.1_Linuxtools.md)
diff --git a/SUMMARY.md b/SUMMARY.md
index 1cba32a..fb652aa 100644
--- a/SUMMARY.md
+++ b/SUMMARY.md
@@ -52,6 +52,7 @@
 * [5.4 反调试技术](doc/5.4_antidbg.md)
 * [5.5 符号执行](doc/5.5_symbolic.md)
 * [5.6 LLVM](doc/5.6_llvm.md)
+ * [5.7 Capstone/Keystone](doc/5.7_cap-keystone.md)
 * [六、附录](doc/6_appendix.md)
 * [6.1 更多 Linux 工具](doc/6.1_Linuxtools.md)
 * [6.2 更多 Windows 工具](doc/6.2_wintools.md)
diff --git a/doc/2.6_idapro.md b/doc/2.6_idapro.md
index ae0326d..4014d03 100644
--- a/doc/2.6_idapro.md
+++ b/doc/2.6_idapro.md
@@ -10,7 +10,7 @@
 - [IDA signsrch](https://github.com/nihilus/IDA_Signsrch) -- 寻找二进制文件所使用的加密、压缩算法
 - [Ponce](https://github.com/illera88/Ponce) -- 污点分析和符号化执行工具
 - [snowman decompiler](https://github.com/yegord/snowman/tree/v0.1.0) -- C/C++反汇编插件(F3 进行反汇编)
-- [keystone](https://github.com/keystone-engine/keypatch) -- 二进制文件修改工具,可以直接修改汇编
+- [keypatch](https://github.com/keystone-engine/keypatch) -- 二进制文件修改工具,可以直接修改汇编
 - [CodeXplorer](https://github.com/REhints/HexRaysCodeXplorer) -- 自动类型重建以及对象浏览(C++)(jump to disasm)
 - [IDA Ref](https://github.com/nologic/idaref) -- 汇编指令注释(支持arm,x86,mips)
 - [auto re](https://github.com/a1ext/auto_re) -- 函数自动重命名
@@ -19,6 +19,7 @@
 - [DIE](https://github.com/ynvb/DIE) -- 动态调试增强工具,保存函数调用上下文信息
 - [sk3wldbg](https://github.com/cseagle/sk3wldbg) -- IDA动态调试器,支持多平台
 - [idaemu](https://github.com/36hours/idaemu) -- 模拟代码执行(支持X86、ARM平台)
+- [Diaphora](https://github.com/joxeankoret/diaphora) -- 程序差异比较
 #### 内存 dump 脚本
diff --git a/doc/5.7_cap-keystone.md b/doc/5.7_cap-keystone.md
new file mode 100644
index 0000000..d7ca7ee
--- /dev/null
+++ b/doc/5.7_cap-keystone.md
@@ -0,0 +1 @@
+# Capstone/Keystone
diff --git a/doc/5_advanced.md b/doc/5_advanced.md
index 0968929..d263bb1 100644
--- a/doc/5_advanced.md
+++ b/doc/5_advanced.md
@@ -6,3 +6,4 @@
 - [5.4 反调试技术](5.4_antidbg.md)
 - [5.5 Symbolic Execution 符号执行技术](5.5_symbolic.md)
 - [5.6 LLVM](5.6_llvm.md)
+- [5.7 Capstone/Keystone](5.7_cap-keystone.md)