GrammaTech DDisasm
Fast disassembler producing reassemblable assembly code using Datalog
GrammaTech DDisasm
Fast disassembler producing reassemblable assembly code using Datalog
Data verified May 2026
ADYour product here. Reach security decision-makers.Launch a campaignGrammaTech DDisasm Description
DDisasm is a disassembler that produces assembly code accurate enough to be reassembled. The tool is implemented using the Datalog (souffle) declarative logic programming language to compile disassembly rules and heuristics. The disassembly process begins by parsing ELF file information and decoding a superset of possible instructions to create an initial set of datalog facts. These facts are analyzed to identify code locations, symbolization, and function boundaries. The results of this analysis produce a refined set of datalog facts that are translated to the GTIRB (GrammaTech Intermediate Representation for Binaries) intermediate representation for binary analysis and reverse engineering. The GTIRB pretty printer can be used to convert the GTIRB output to reassemblable assembly code. The tool is available as a Docker image for quick deployment and testing. DDisasm was developed with support from the Navy and the Office of Naval Research. The underlying research was published in a USENIX paper titled "Datalog Disassembly" which received a distinguished paper award.
GrammaTech DDisasm FAQ
Common questions about GrammaTech DDisasm including features, pricing, alternatives, and user reviews.
GrammaTech DDisasm is Fast disassembler producing reassemblable assembly code using Datalog, developed by GrammaTech. It is a Security Operations solution designed to help security teams with Binary Analysis, Open Source, Reverse Engineering.
GrammaTech DDisasm offers the following core capabilities:
1.ELF file parsing and instruction decoding
2.Datalog-based disassembly rules and heuristics
3.Code location identification
4.Symbolization analysis
5.Function boundary detection
6.GTIRB intermediate representation output
7.Reassemblable assembly code generation
GrammaTech DDisasm integrates natively with GTIRB, Souffle. Integration support lets security teams connect GrammaTech DDisasm to existing SIEM, ticketing, identity, and notification systems without custom development.
GrammaTech DDisasm is built for security teams handling Binary Analysis, Open Source, Reverse Engineering. It supports workflows including elf file parsing and instruction decoding, datalog-based disassembly rules and heuristics, code location identification. Teams typically adopt GrammaTech DDisasm when they need to security operations capabilities integrated into their existing stack. Explore similar tools at https://cybersectools.com/alternatives/grammatech-ddisasm
GrammaTech DDisasm is a free Security Operations tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://grammatech.com/ddisasm/ for download and installation instructions.
Popular alternatives to GrammaTech DDisasm include:
1.de4dot - An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques. (Free)
2.Ghidra Software Reverse Engineering Framework - Ghidra is an NSA-developed software reverse engineering framework that provides disassembly, decompilation, and analysis tools for examining compiled code across multiple platforms and processor architectures. (Free)
3.PINT - PINT is a PIN tool that enables Lua scripting for Intel's PIN dynamic instrumentation framework, allowing researchers to inject custom code during binary analysis processes. (Free)
4.Kaitai Struct - A declarative language for describing binary data structures that compiles into parsers for multiple programming languages. (Free)
5.ScratchABit - Interactive incremental disassembler with data/control flow analysis capabilities. (Free)
Compare all GrammaTech DDisasm alternatives at https://cybersectools.com/alternatives/grammatech-ddisasm
GrammaTech DDisasm is for security teams and organizations that need Binary Analysis, Open Source, Reverse Engineering. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Security Operations tools can be found at https://cybersectools.com/categories/security-operations
Have more questions? Browse our categories or search for specific tools.
