Home

disassembly

Disassembly is the process of translating machine code or binary data into human-readable assembly language. It is the reverse of assembling and linking software. Disassembly is used to analyze programs when source code is unavailable, to understand behavior, and to support debugging, vulnerability research, or software maintenance.

Static disassembly analyzes a binary file without executing it, producing a listing of instructions with addresses,

Tools commonly used for disassembly include IDA Pro, Ghidra, Binary Ninja, Radare2, and objdump. Modern disassemblers

Applications span reverse engineering, malware analysis, security auditing, software forensics, and historical software archaeology. Disassembly also

mnemonics,
and
operands.
Dynamic
disassembly
runs
the
program
under
a
debugger
or
instrumentation
to
observe
runtime
behavior.
Analysts
must
distinguish
code
from
data,
recover
function
boundaries,
and
handle
indirect
branches,
self-modifying
code,
and
various
instruction
set
architectures
such
as
x86,
x64,
ARM,
and
MIPS.
often
incorporate
partial
decompilation,
control-flow
graphs,
and
heuristics
for
function
identification.
The
accuracy
of
a
disassembly
depends
on
the
architecture,
compiler
optimizations,
and
whether
obfuscation
or
packing
is
used.
intersects
with
hardware
contexts
in
the
sense
that
technicians
may
disassemble
devices
to
inspect
components,
though
that
usage
is
separate
from
software-centric
disassembly.
Legality
and
ethics
can
be
relevant,
as
reverse
engineering
may
be
restricted
by
licenses,
trademarks,
or
protections
on
certain
software.