Name	Name	Last commit message	Last commit date
parent directory ..
README.md	README.md
code_bind.rb	code_bind.rb
sym_exec.rb	sym_exec.rb

Name

Last commit message

Last commit date

Introduction

Metasm is a Ruby library for assembling, disassembling and understanding the code semantics.

Usage

Code was adapted from the Practical Reverse Engineering book and tested with Metasm 1.04 on Ruby 3.0.1.

code_bind.rb shows how to disassemble and extract the semantics of a given code block and sym_exec.rb shows how to execute that same code block by providing a context with arbitrary values.

References

Chapter 5 of the Practical Reverse Engineering book with its accompanying Metasm code exercises (and solutions!) provide the best explanation of how to disassemble and then perform symbolic execution on the disassembled blocks. Exercise 2 is especially instructive.

Practical Reverse Engineering code downloads
Modern Malware: Obfuscation and Emulation presentation by Alexandre Borges (DEFCON China 2019)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

metasm

metasm

README.md

Introduction

Usage

References

Files

metasm

Directory actions

More options

Directory actions

More options

Latest commit

History

metasm

Folders and files

parent directory

README.md

Introduction

Usage

References