x86-64 Assembly Cheatsheet

Data Transfer Instructions

These instructions move data between registers, memory, and immediate values.

`mov` (Move)

Transfers data from one place to another (register-to-register, memory-to-register, etc.).
Does not modify the original value; just copies it.

mov rax, 10    ; Store 10 in register RAX
mov rbx, rax   ; Copy the value of RAX into RBX
mov rcx, [var] ; Load value from memory address "var" into RCX

`lea` (Load Effective Address)

Loads the memory address of a variable instead of its value.
Useful for pointer arithmetic.

lea rax, [var] ; Load the memory address of "var" into RAX

Arithmetic Instructions

These instructions perform mathematical operations on registers and memory.

`inc` (Increment)

Increases a value by 1.

inc rax  ; RAX = RAX + 1

`dec` (Decrement)

Decreases a value by 1.

dec rbx  ; RBX = RBX - 1

`add` (Addition)

Adds a value to a register or memory location.

add rax, 5  ; RAX = RAX + 5

`sub` (Subtraction)

Subtracts a value from a register or memory location.

sub rbx, 3  ; RBX = RBX - 3

Logical Instructions

Used for bitwise operations (AND, OR, XOR, NOT).

`and` (Bitwise AND)

Compares bits and sets result only if both bits are 1.

and rax, 0xFF  ; Keeps only the last 8 bits of RAX

`or` (Bitwise OR)

Compares bits and sets result if either bit is 1.

or rbx, 0x01  ; Sets the lowest bit of RBX to 1

`xor` (Bitwise XOR)

Flips bits where corresponding bits differ (commonly used for clearing registers).

xor rax, rax  ; Clears RAX (sets it to 0)

`not` (Bitwise NOT)

Flips all bits (inverts 0s to 1s and vice versa).

not rax  ; Inverts all bits of RAX

Comparison Instructions

Used to compare values and set flags for conditional execution.

`cmp` (Compare)

Subtracts two values without storing the result, but sets flags to indicate the relationship (equal, greater, less, etc.).

cmp rax, rbx  ; Compare RAX and RBX

`test` (Bitwise Test)

Performs a bitwise AND, but doesn’t store the result—only sets flags.

test rax, rax  ; Check if RAX is 0

Branch (Jump) Instructions

Used for decision-making and loops.

`jmp` (Jump)

Moves execution to a different part of the program (unconditional).

jmp label  ; Jump to "label"

Conditional Jumps (`je`, `jg`, etc.)

je (Jump if Equal) – Jumps if the last cmp resulted in equality.
jg (Jump if Greater) – Jumps if the first value was greater.

cmp rax, rbx
je equal_label  ; If RAX == RBX, jump to "equal_label"
jg greater_label ; If RAX > RBX, jump to "greater_label"

Stack Instructions

Used for storing and retrieving data from the stack.

`push` (Push onto Stack)

Saves a value onto the stack.

push rax  ; Save RAX on the stack

`pop` (Pop from Stack)

Retrieves the most recently pushed value from the stack.

pop rbx  ; Restore value from stack into RBX

Procedure Instructions

Used for calling and returning from functions.

`call` (Function Call)

Jumps to a function and saves the return address on the stack.

call my_function  ; Call a function

`ret` (Return from Function)

Returns to the calling function by popping the saved return address from the stack.

ret  ; Return from function

`leave` (Cleanup for Stack Frames)

Used to exit a function properly by restoring the base pointer.

leave  ; Restore stack before returning
ret    ; Return to caller

System Call Instruction

Used for interacting with the operating system (Linux syscalls).

`syscall` (System Call)

Executes a system call (e.g., printing to the console, exiting a program).

mov rax, 1         ; syscall: sys_write
mov rdi, 1         ; file descriptor: stdout
mov rsi, msg       ; pointer to message
mov rdx, 13        ; message length
syscall            ; invoke kernel

Previousx86-64 Assembly NextShellcoding

Last updated 3 months ago

Data Transfer Instructions

mov (Move)

lea (Load Effective Address)

Arithmetic Instructions

inc (Increment)

dec (Decrement)

add (Addition)

sub (Subtraction)

Logical Instructions

and (Bitwise AND)

or (Bitwise OR)

xor (Bitwise XOR)

not (Bitwise NOT)