Skip to content
/ x86-Assembly-Reverse-Engineering Public

πŸ›  Knowledge about the topic of x86 assembly & disassembly πŸ› 

License

MIT license
123 stars 30 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

IDouble/x86-Assembly-Reverse-Engineering

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

36 Commits

Assembler Intel Code

Assembler Intel Code

Β 
Β 

Docs

Docs

Β 
Β 

Images

Images

Β 
Β 

CODE_OF_CONDUCT.md

CODE_OF_CONDUCT.md

Β 
Β 

CONTRIBUTING.md

CONTRIBUTING.md

Β 
Β 

LICENSE

LICENSE

Β 
Β 

README.md

README.md

Β 
Β 

Repository files navigation

πŸ›  x86 Assembly Reverse Engineering πŸ› 

This is a structured README for x86 assembly, it is written in the easiest language possible with real world examples. πŸ““

βš™οΈ Basics βš™οΈ

Intel Type Bits Name
- 8 Bit BYTE
8086 16 Bit WORD
i386 32 Bit DWORD
x86 64 Bit QWORD

Meanings:

dword = DWORD = (double-word)
qword = QWORD = (quad-word)

NOTE: πŸ“

On 32 Bit ARM CPUs a WORD is 32 Bit.

πŸ”§ x86 Registers πŸ”§

(Older Text from the University of Virginia Computer Science (2006), one of the best Guides for x86 Assembly)

Modern (i.e 386 and beyond) x86 processors have eight 32-bit general purpose registers, as depicted in Figure 1. The register names are mostly historical. For example, EAX used to be called the accumulator since it was used by a number of arithmetic operations, and ECX was known as the counter since it was used to hold a loop index. Whereas most of the registers have lost their special purposes in the modern instruction set, by convention, two are reserved for special purposes β€” the stack pointer (ESP) and the base pointer (EBP).

For the EAX, EBX, ECX, and EDX registers, subsections may be used. For example, the least significant 2 bytes of EAX can be treated as a 16-bit register called AX. The least significant byte of AX can be used as a single 8-bit register called AL, while the most significant byte of AX can be used as a single 8-bit register called AH. These names refer to the same physical register. When a two-byte quantity is placed into DX, the update affects the value of DH, DL, and EDX. These sub-registers are mainly hold-overs from older, 16-bit versions of the instruction set. However, they are sometimes convenient when dealing with data that are smaller than 32-bits (e.g. 1-byte ASCII characters).

When referring to registers in assembly language, the names are not case-sensitive. For example, the names EAX and eax refer to the same register.

x86 assembly Registers

In x86 registers have an 'e' in front of their name.
Example: eax, ebx, ecx, edx, ebp

Additional Info:
In x64 you have a 'r' instead.
Example: rax, rbx, rcx, rdx, rbp
You also have double-precision floating point going from xmm0 to xmm15.

🚩 EFLAGS 🚩

x86 assembly EFLAGS Registers

πŸ“ Cheatsheet x86 Assembly πŸ“

Full Cheatsheet x86 Assembly, 20 Pages.

Binance Ready to give crypto a try ? buy bitcoin and other cryptocurrencies on binance

About

πŸ›  Knowledge about the topic of x86 assembly & disassembly πŸ› 

Topics

collection research modern knowledge register topic assembly x86-64 templates reverse-engineering intel bytes pointer x86 x86-32 eax x86-x64 dword eflags

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity

Stars

123 stars

Watchers

4 watching

Forks

30 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages