VBDec
VbDec is a VB6 P-Code Disassembler and debugger. Features: Can Properly disassemble and resolve most common VB6 P-code Live debugging of P-Code exes w/ single stepping, breakpoints etc. Live stack display with diffing to highlight changes Data viewer for Variant, Date, Array, etc Memory window displays data for multiple types with click navigation Ability to persistently patch memory, nop instructions Modify stack values and reset EIP in the debugger. Disassembly viewer supports renaming functions, adding comments Click to navigate functions in disasm and esc go back in history Comprehensive search tools for strings, text, api references, etc. Ability to resolve class names from live object pointers in debugger COM aware: dynamically lookup libraries and resolve function names Export disassembly to database, or for standalone viewer app Standalone viewer to share disassemblies with non-licensed users. Explore VB6 internal structures, calculate offsets Constant pool viewer to manually explore data Can be automated through a plugin framework or Javascript Script editor supports syntax highlighting and basic intellisense. Powerful search UI for structs, code, funcs, strings and opcodes. P-Code mutation engine to break disassemblers and decompilers. Screen shots (Click to enlarge) COM Support Const Pool Viewer Data Viewer w/Array Data Viewer w/Date Patch/Nop Interface String references VBDec is currently being reserved as an internal tool. If you need specialized PCode analysis you can contact me from your business email to request more information. There are several demo videos and blog posts showing vbdec in action. Sample output and the standalone viewer are available to partners.