Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/tenderlove/hatstone

A minimal Ruby wrapper for Capstone disassembler
https://github.com/tenderlove/hatstone

assembly capstone disassembler ruby

Last synced: about 1 month ago
JSON representation

A minimal Ruby wrapper for Capstone disassembler

Host: GitHub
URL: https://github.com/tenderlove/hatstone
Owner: tenderlove
License: apache-2.0
Created: 2022-03-12T20:27:53.000Z (almost 3 years ago)
Default Branch: main
Last Pushed: 2022-03-12T21:01:08.000Z (almost 3 years ago)
Last Synced: 2024-05-09T21:22:51.528Z (9 months ago)
Topics: assembly, capstone, disassembler, ruby
Language: C++
Homepage:
Size: 11.7 KB
Stars: 8
Watchers: 4
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

        # Hatstone

This is a very simple wrapper around [Capstone](https://www.capstone-engine.org).

Capstone is a library that disassembles binary data in to assembly code.  This

library, Hatstone, offers a Ruby interface to the Capstone library.

## Why a new library?

[Crabstone](https://github.com/bnagy/crabstone) is a different wrapper for Capstone.

I've been using Crabstone for quite a while and I really love it.  However,

I've been running in to problems with libffi, and especially problems on my M1

Mac where I have both the ARM64 installation and x86 installation of Capstone

on the same system (via two installations of Homebrew).

This C extension finds the right Capstone library at gem installation time, so

you can be assured that if you can install this gem, you can use this gem (hopefully!!)

## Installation

Make sure you have Capstone installed.  On macOS this is `brew install capstone`.

Then install this gem via the normal method `gem install hatstone`.

Note: RISCV support is only available in Capstone version 5 or later.

## Example Usage

In this example we'll assemble some simple ARM64 instructions and then use

Hatstone to disassemble them.

```ruby

require "hatstone"

# ARM64 movz instruction

def movz reg, imm

  insn = 0b0_10_100101_00_0000000000000000_00000

  insn |= (1 << 31)  # 64 bit

  insn |= (imm << 5) # immediate

  insn |= reg        # reg

end

# ARM64 ret instruction

def ret xn = 30

  insn = 0b1101011_0_0_10_11111_0000_0_0_00000_00000

  insn |= (xn << 5)

  insn

end

# Assemble some instructions

insns = [

  movz(0, 0x2a), # mov X0, 0x2a

  ret            # ret

].pack("L