Assembly code

This article was published on the 24th of April 2019.

Assembly language is the result of disassembling native binaries. Languages that require a virtual machine to run in, such as Java or C#, also use some sort of assembly language: byte code. Regardless of the type, the key concepts of the language remain the same.

In the previous chapter, an introduction was given for both x86 and x86_64 assembly with the Intel syntax. Knowing how to interpret assembly code is a valuable skill during reverse engineering. Decompilers make mistakes, albeit becoming better and better over the years. Spotting these mistakes can sometimes be vital for a correct analysis.

To get a better grasp on how to interpret (compiler) optimised assembly language, one should know how to write assembly language. Recognising patterns and structures within the code becomes easier and you’ll feel more at home during the analysis.

In this chapter, multiple programs are constructed from scratch. Each program is accompanied by a step-by-step walkthrough, as is the default in this course.

To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], or DM me on Twitter @Libranalysis.