{"id":15636434,"url":"https://github.com/idouble/x86-assembly-reverse-engineering","last_synced_at":"2025-09-02T15:31:00.889Z","repository":{"id":64972994,"uuid":"148274844","full_name":"IDouble/x86-Assembly-Reverse-Engineering","owner":"IDouble","description":"🛠 Knowledge about the topic of x86 assembly \u0026 disassembly 🛠","archived":false,"fork":false,"pushed_at":"2024-03-01T20:10:00.000Z","size":1864,"stargazers_count":133,"open_issues_count":2,"forks_count":30,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-12-27T15:36:23.018Z","etag":null,"topics":["assembly","bytes","collection","dword","eax","eflags","intel","knowledge","modern","pointer","register","research","reverse-engineering","templates","topic","x86","x86-32","x86-64","x86-x64"],"latest_commit_sha":null,"homepage":"","language":"Assembly","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/IDouble.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2018-09-11T07:01:57.000Z","updated_at":"2024-12-21T01:50:33.000Z","dependencies_parsed_at":"2024-03-01T21:26:23.512Z","dependency_job_id":"da313dc9-8ab6-4f44-bc23-6c42ed60be42","html_url":"https://github.com/IDouble/x86-Assembly-Reverse-Engineering","commit_stats":null,"previous_names":["idouble/x86-assembly-reverse-engineering"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IDouble%2Fx86-Assembly-Reverse-Engineering","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IDouble%2Fx86-Assembly-Reverse-Engineering/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IDouble%2Fx86-Assembly-Reverse-Engineering/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IDouble%2Fx86-Assembly-Reverse-Engineering/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/IDouble","download_url":"https://codeload.github.com/IDouble/x86-Assembly-Reverse-Engineering/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":231794024,"owners_count":18427531,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["assembly","bytes","collection","dword","eax","eflags","intel","knowledge","modern","pointer","register","research","reverse-engineering","templates","topic","x86","x86-32","x86-64","x86-x64"],"created_at":"2024-10-03T11:03:53.970Z","updated_at":"2024-12-29T23:00:52.589Z","avatar_url":"https://github.com/IDouble.png","language":"Assembly","readme":"# 🛠 x86 Assembly Reverse Engineering 🛠\nThis is a structured README for **x86 assembly**, it is written in the easiest language possible with real world examples. 📓\n\n## ⚙️ Basics ⚙️\n\n| Intel Type  | Bits | Name |\n| ------------- | ------------- | ------------- |\n| -  | 8 Bit  | **BYTE**  |\n| 8086  | 16 Bit  | **WORD**  |\n| i386  | 32 Bit  | **DWORD**  |\n| x86  | 64 Bit  | **QWORD**  |\n\n### Meanings:\ndword = **DWORD** = (double-word) \u003c/br\u003e\nqword = **QWORD** = (quad-word)\n\n### NOTE: 📝\nOn 32 Bit ARM CPUs a WORD is 32 Bit.\n\n\u003cp align=\"center\"\u003e \n  \u003cimg src=\"Images/compiler.png\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e \n  \u003cimg src=\"Images/compiler2.png\"\u003e\n\u003c/p\u003e\n\n## 🔧 x86 Registers 🔧\n\n*(Older Text from the University of Virginia Computer Science (2006), one of the best Guides for x86 Assembly)*\n\nModern (i.e 3**86** and beyond) x**86** processors have eight 32-bit general purpose registers, as depicted in Figure 1. **The register names are mostly historical**. For example, **EAX** used to be called the accumulator since it was used by a number of arithmetic operations, and **ECX** was known as the counter since it was used to hold a loop index. Whereas most of the registers have lost their special purposes in the modern instruction set, by convention, two are reserved for special purposes — **the stack pointer (ESP)** and the **base pointer (EBP).**\n\nFor the **EAX**, **EBX**, **ECX**, and **EDX** registers, subsections may be used. For example, the least significant 2 bytes of **EAX** can be treated as a 16-bit register called **AX**. The least significant byte of **AX** can be used as a single 8-bit register called **AL**, while the most significant byte of **AX** can be used as a single 8-bit register called **AH**. These names refer to the same physical register. When a two-byte quantity is placed into **DX**, the update affects the value of **DH**, **DL**, and **EDX**. These sub-registers are mainly hold-overs from older, 16-bit versions of the instruction set. However, they are sometimes convenient when dealing with data that are smaller than **32-bits (e.g. 1-byte ASCII characters)**.\n\nWhen referring to registers in assembly language, **the names are not case-sensitive**. For example, the names **EAX** and **eax** refer to the **same register**.\n\n\u003cp align=\"center\"\u003e \n\u003cimg src=\"Images/register.png\"\u003e\n\u003c/p\u003e\n\n![x86 assembly Registers](Images/x86-registers.png)\n\nIn **x86 registers** have an '**e**' in front of their name.\u003c/br\u003e\nExample: **e**ax, **e**bx, **e**cx, **e**dx, **e**bp\n\n*Additional Info: \u003c/br\u003e\nIn **x64** you have a '**r**' instead.\u003c/br\u003e\nExample: **r**ax, **r**bx, **r**cx, **r**dx, **r**bp\u003c/br\u003e\nYou also have **double-precision floating point going from xmm0 to xmm15**.*\n\n### 🚩 EFLAGS 🚩\n\n![x86 assembly EFLAGS Registers](Images/x86_EFLAGS_register.jpg)\n\n### [📝 Cheatsheet x86 Assembly 📝](Docs/x86_Assembly.pdf)\n\n[Full Cheatsheet x86 Assembly, 20 Pages.](Docs/x86_Assembly.pdf)\n\n\u003cp align=\"center\"\u003e \n  \u003cimg src=\"Images/cheatography_gcc-x86-assembly-quick-reference-cheat-sheet.jpg\"\u003e\n\u003c/p\u003e\n\n![Binance Ready to give crypto a try ? buy bitcoin and other cryptocurrencies on binance](Images/binance.jpg)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fidouble%2Fx86-assembly-reverse-engineering","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fidouble%2Fx86-assembly-reverse-engineering","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fidouble%2Fx86-assembly-reverse-engineering/lists"}