Package Libs :: Module libanalize

[frames] | no frames]

Module libanalize

source code

Immunity Inc.

Classes

[hide private]

opCode

Decode

Function
Class that contains information about a Function

BasicBlock

XREFBasicBlock

JMCBasicBlock

JMPBasicBlock

RETBasicBlock

TraceArgs

Variables

[hide private]

__VERSION__ = '1.3'

RST_INVALID = 0

RST_VALUE = 1

RST_VFIXUP = 2

RST_INDIRECT = 3

DISASM_SIZE = 0

DISASM_DATA = 1

DISASM_TRACE = 2

DISASM_FILE = 3

DISASM_CODE = 4

DISASM_ALL = 5

DISASM_RTRACE = 6

C_TYPEMASK = 240

C_CMD = 0

C_PSH = 16

C_POP = 32

C_MMX = 48

C_FLT = 64

C_JMP = 80

C_JMC = 96

C_CAL = 112

C_RET = 128

C_FLG = 144

C_RTF = 160

C_REP = 176

C_PRI = 192

C_SSE = 208

C_NOW = 224

C_BAD = 240

DEC_TYPEMASK = 31

DEC_UNKNOWN = 0

DEC_BYTE = 1

DEC_WORD = 2

DEC_NEXTDATA = 3

DEC_DWORD = 4

DEC_FLOAT4 = 5

DEC_FWORD = 6

DEC_FLOAT8 = 7

DEC_QWORD = 8

DEC_FLOAT10 = 9

DEC_TBYTE = 10

DEC_STRING = 11

DEC_UNICODE = 12

DEC_3DNOW = 13

DEC_SSE = 14

DEC_TEXT = 16

DEC_BYTESW = 17

DEC_NEXTCODE = 19

DEC_COMMAND = 29

DEC_JMPDEST = 30

DEC_CALLDEST = 31

DEC_PROCMASK = 96

DEC_PROC = 32

DEC_PBODY = 64

DEC_PEND = 96

DEC_CHECKED = 128

DEC_SIGNED = 256

DECR_TYPEMASK = 63

DECR_BYTE = 33

DECR_WORD = 34

DECR_DWORD = 36

DECR_QWORD = 40

DECR_FLOAT10 = 41

DECR_SEG = 42

DECR_3DNOW = 45

DECR_SSE = 46

DECR_ISREG = 32

DEC_CONST = 64

RegisterName = {(0, 0, 0, 0, 1, 0, 0, 0): 'ESP', (0, 0, 1, 0, 0, 0,...

COUNT = 100

Variables Details

[hide private]

VERSION

None

Value:

'1.3'

RST_INVALID

None

Value:

RST_VALUE

None

Value:

RST_VFIXUP

None

Value:

RST_INDIRECT

None

Value:

DISASM_SIZE

None

Value:

DISASM_DATA

None

Value:

DISASM_TRACE

None

Value:

DISASM_FILE

None

Value:

DISASM_CODE

None

Value:

DISASM_ALL

None

Value:

DISASM_RTRACE

None

Value:

C_TYPEMASK

None

Value:

C_CMD

None

Value:

C_PSH

None

Value:

C_POP

None

Value:

C_MMX

None

Value:

C_FLT

None

Value:

C_JMP

None

Value:

C_JMC

None

Value:

C_CAL

None

Value:

C_RET

None

Value:

C_FLG

None

Value:

C_RTF

None

Value:

C_REP

None

Value:

C_PRI

None

Value:

C_SSE

None

Value:

C_NOW

None

Value:

C_BAD

None

Value:

DEC_TYPEMASK

None

Value:

DEC_UNKNOWN

None

Value:

DEC_BYTE

None

Value:

DEC_WORD

None

Value:

DEC_NEXTDATA

None

Value:

DEC_DWORD

None

Value:

DEC_FLOAT4

None

Value:

DEC_FWORD

None

Value:

DEC_FLOAT8

None

Value:

DEC_QWORD

None

Value:

DEC_FLOAT10

None

Value:

DEC_TBYTE

None

Value:

DEC_STRING

None

Value:

DEC_UNICODE

None

Value:

DEC_3DNOW

None

Value:

DEC_SSE

None

Value:

DEC_TEXT

None

Value:

DEC_BYTESW

None

Value:

DEC_NEXTCODE

None

Value:

DEC_COMMAND

None

Value:

DEC_JMPDEST

None

Value:

DEC_CALLDEST

None

Value:

DEC_PROCMASK

None

Value:

DEC_PROC

None

Value:

DEC_PBODY

None

Value:

DEC_PEND

None

Value:

DEC_CHECKED

None

Value:

DEC_SIGNED

None

Value:

DECR_TYPEMASK

None

Value:

DECR_BYTE

None

Value:

DECR_WORD

None

Value:

DECR_DWORD

None

Value:

DECR_QWORD

None

Value:

DECR_FLOAT10

None

Value:

DECR_SEG

None

Value:

DECR_3DNOW

None

Value:

DECR_SSE

None

Value:

DECR_ISREG

None

Value:

DEC_CONST

None

Value:

RegisterName

None

Value:

{(0, 0, 0, 0, 0, 0, 0, 0): '',
 (0, 0, 0, 0, 0, 0, 0, 1): 'EDI',
 (0, 0, 0, 0, 0, 0, 1, 0): 'ESI',
 (0, 0, 0, 0, 0, 1, 0, 0): 'EBP',
 (0, 0, 0, 0, 1, 0, 0, 0): 'ESP',
 (0, 0, 0, 1, 0, 0, 0, 0): 'EBX',
 (0, 0, 1, 0, 0, 0, 0, 0): 'EDX',
 (0, 1, 0, 0, 0, 0, 0, 0): 'ECX',
...

COUNT

None

Value: