https://github.com/tenderlove/hatstone

A minimal Ruby wrapper for Capstone disassembler
https://github.com/tenderlove/hatstone

assembly capstone disassembler ruby

Last synced: 6 months ago
JSON representation

A minimal Ruby wrapper for Capstone disassembler

• Host: GitHub
• URL: https://github.com/tenderlove/hatstone
• Owner: tenderlove
• License: apache-2.0
• Created: 2022-03-12T20:27:53.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2024-11-05T21:38:11.000Z (about 1 year ago)
• Last Synced: 2025-05-07T23:45:05.690Z (6 months ago)
• Topics: assembly, capstone, disassembler, ruby
• Language: C++
• Homepage:
• Size: 17.6 KB
• Stars: 8
• Watchers: 3
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

          
# Hatstone

This is a very simple wrapper around [Capstone](https://www.capstone-engine.org).

Capstone is a library that disassembles binary data in to assembly code.  This

library, Hatstone, offers a Ruby interface to the Capstone library.

## Why a new library?

[Crabstone](https://github.com/bnagy/crabstone) is a different wrapper for Capstone.

I've been using Crabstone for quite a while and I really love it.  However,

I've been running in to problems with libffi, and especially problems on my M1

Mac where I have both the ARM64 installation and x86 installation of Capstone

on the same system (via two installations of Homebrew).

This C extension finds the right Capstone library at gem installation time, so

you can be assured that if you can install this gem, you can use this gem (hopefully!!)

## Installation

Make sure you have Capstone installed.  On macOS this is `brew install capstone`.

Then install this gem via the normal method `gem install hatstone`.

Note: RISCV support is only available in Capstone version 5 or later.

## Example Usage

In this example we'll assemble some simple ARM64 instructions and then use

Hatstone to disassemble them.

```ruby

require "hatstone"

# ARM64 movz instruction

def movz reg, imm

  insn = 0b0_10_100101_00_0000000000000000_00000

  insn |= (1 << 31)  # 64 bit

  insn |= (imm << 5) # immediate

  insn |= reg        # reg

end

# ARM64 ret instruction

def ret xn = 30

  insn = 0b1101011_0_0_10_11111_0000_0_0_00000_00000

  insn |= (xn << 5)

  insn

end

# Assemble some instructions

insns = [

  movz(0, 0x2a), # mov X0, 0x2a

  ret            # ret

].pack("L