IDA Embed arch disasm

Allows you to disassemble x86-64 code (like inlined WOW64 one) while you using 32-bit IDA database. This would be helpfull to analyze WOW64 mode switches.

Dependencies

capstone Python module

In case you use IDA 7 and newer make sure you download and install capstone for appropriate Python version and architecture, because since IDA 7 by default is 64-bit. You could find the binary installer here

Installation

Install capstone
Download the main plugin module ida-embed-arch-disasm.py (Right click the link -> Save link as...) and save it to IDA plugins folder

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

IDA Embed arch disasm

Dependencies

Installation

Showcase

Before

Select the range you want to disassemble

After (disassembled instructions are in comments)

Files

README.md

Latest commit

History

README.md

File metadata and controls

IDA Embed arch disasm

Dependencies

Installation

Showcase

Before

Select the range you want to disassemble

After (disassembled instructions are in comments)