Editing ROM hacking resources

This page lists concepts, tools and general information on ROM hacking. See [[Mods, Hacks and Fan-Translations]] for more information.

==Overview==
===Numeral systems===
====Decimal====
Our normal counting system uses the [[wikipedia:Decimal|decimal base]], or base 10, and goes in the following sequence: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, and so on. The number ten can be mathematically represented in decimal as <code>(1 * 10) + (0 * 1)</code> or <code>(1 * 10^1) + (0 * 10^0)</code>. So if we have a number like 234, it can be represented as <code>(2 * 100) + (3 * 10) + (4 * 1)</code> or <code>(2 * 10^2) + (3 * 10^1) + (4 * 10^0)</code>.

====Hexadecimal====
On the other hand, the [[wikipedia:Hexadecimal|hexadecimal base]] is base 16 and goes in the following sequence: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A (a single "digit" meaning ten in decimal), B (eleven), C (twelve), D (thirteen), E (fourteen), F (fifteen), then finally 10 (sixteen, <code>(1 * 16) + 0</code> or <code>(1 * 16^1) + (0 * 16^0)</code>), 11 (seventeen, <code>(1 * 16) + (1 * 1)</code>), 12 (eighteen, <code>(1 * 16) + 2</code>), and so on. Typically, hexadecimal numbers are written with the prefixes <code>0x</code> or <code>h</code> so that they are not confused with decimal equivalents (e.g., <code>0x10</code>, decimal <code>16</code>). If this sounds too complicated, you can load Calculator in programmer mode to do conversions between decimal and hexadecimal.

====Binary====
The [[wikipedia:Binary number|binary base]] is base 2 and goes in the following sequence: 0, 1, then 10 (<code>(1 * 2) + 0</code>, two in decimal), 11 (<code>(1 * 2) + 1</code>, three), then 100 (<code>(1 * 2 * 2) + (0 * 2) + (0 * 1)</code>, four), 101 (<code>(1 * 2 * 2) + (0 * 2) + (1 * 1)</code>, five), and so on. As you can see, it gets long and impractical very quickly.

====Comparisons====
{| class="wikitable mw-collapsible mw-collapsed"
!Decimal
!Hex
!Binary
|-
| align="right" |5
| align="right" |5
| align="right" |101
|-
| align="right" |6
| align="right" |6
| align="right" |110
|-
| align="right" |7
| align="right" |7
| align="right" |111
|-
| align="right" |8
| align="right" |8
| align="right" |1000
|-
| align="right" |9
| align="right" |9
| align="right" |1001
|-
| align="right" |10
| align="right" |A
| align="right" |1010
|-
| align="right" |11
| align="right" |B
| align="right" |1011
|-
| align="right" |12
| align="right" |C
| align="right" |1100
|-
| align="right" |13
| align="right" |D
| align="right" |1101
|-
| align="right" |14
| align="right" |E
| align="right" |1110
|-
| align="right" |15
| align="right" |F
| align="right" |1111
|-
| align="right" |16
| align="right" |10
| align="right" |1 0000
|-
| align="right" |17
| align="right" |11
| align="right" |1 0001
|-
| align="right" |36
| align="right" |24
| align="right" |10 0100
|-
| align="right" |94
| align="right" |5E
| align="right" |101 1110
|-
| align="right" |256
| align="right" |100
| align="right" |1 0000 0000
|-
| align="right" |1000
| align="right" |3E8
| align="right" |11 1110 1000
|-
| align="right" |4096
| align="right" |1000
| align="right" |1 0000 0000 0000 
|-
| align="right" |64206
| align="right" |FACE
| align="right" |1111 1010 1100 1110
|}

===Bits and bytes===
Everything in game ROMs — be it programming, graphics, sound, text, assets, and anything else — is written in bits (zero or one), with each group of eight bits called a byte. Out of convenience, bytes are written using the hexadecimal base (any values using this will be noted with the prefix <code>0x</code>), rather than an inconvenient succession of eight bits using the binary system.

The value for each byte ranges from <code>0x00</code> (bits: <code>0000 0000</code>, decimal: <code>0</code>) to <code>0xFF</code> (bits: <code>1111 1111</code>, decimal: <code>255</code>).

===Editing text with hex editors===
Hexadecimal editors, also called hex editors or binary data editors, can open any file and display its contents as bytes written using the hexadecimal base. You can also edit said bytes.

Hex editors usually come with three elements: the part with the binary data, an address (also called offset) on the far-left which tells us the location of this byte in the file (and is useful), and...

The third area in the window is where "text data" is supposed to appear. It tries to interpret the hex data as text by matching each byte value to a specific character in the ASCII set. So if there's the <code>0x41</code> byte for example, the matching character on the right side would be upper-case Latin <code>A</code>.

For practice, go and check the US version of Link's Awakening (either the GB or GBC version). Open the ROM with any hex editor available online, and try modifying Marin's dialog at the very beginning. You'll have to search for a while, but you'll eventually find it.

However, the text data area is usually gibberish, nonsensical symbols. This is often because:

* The specific portion of the file/ROM you're viewing isn't actually text data but something else. So you'll have to use the search feature or browse further down the file.
* The text is encrypted. Sometimes, the developers do this on purpose to make the ROM unreadable by hex editors, as is the case for encrypted 3DS ROMs or games with anti-modding measures like God Eater 2 (PSP, JP) and Youkai Watch save files. Fortunately, this is impractical and mostly uncommon.
* The text is compressed. Compression is a data transformation operation intended to save space. There are numerous schemes, and some games have their own unique flavors. You'll need to figure out the actual compression pattern either by studying the file structure blindly or by reverse-engineering the game's programming during runtime as it uses the compressed file. Once accomplished, you can decompress the text so that it can be edited then recompress it and feed it back to the game.

But sometimes, none of the above may apply. Instead, a custom character encoding is used that doesn't conform to the ASCII standard. Why is this the case? Because many of these games were made in Japanese using Japanese characters, the developers had no reason to respect the ASCII standard but were more concerned about how to make the best out of the limited memory available. So you could have the letter A at <code>0x00</code>, <code>x01</code>, <code>0x0A</code>, <code>0x10</code>, <code>0x21</code>, <code>0x41</code>, <code>0x81</code>, or elsewhere depending on the game and what the developers felt like. 

This poses a problem. None of the mainstream hex editors really give a damn about this enough to account for cases other than the ASCII standard, so you'll have to find a specialized hex editor geared more towards ROM hacking. The feature you'll need here is the ability to load custom character sets, stored in what's called table files (extension .tbl, though they're actually just renamed regular .txt files).

A table file for a game using the ASCII standard would look like this:

<pre>
41=A
42=B
43=C
44=D
45=E
46=F
47=G
48=H
49=I
4A=J
4B=K
...and so on
</pre>

For many games, you'll need to figure out their table files using table file building tools, also commonly referred to as "relative search" tools. Choice ones are [http://www.romhacking.net/utilities/998/ RSEARCH] and [http://www.romhacking.net/utilities/513/ Monkey-Moore]. For example, The Legend of Zelda has "IT'S DANGEROUS TO GO ALONE", so you load the ROM in Monkey-Moore and search for the word "DANGEROUS". It will give you many options (assuming the text is uncompressed, and the programmers at least had the decency to respect alphabetic order -otherwise you'll need to use the "custom set" option, which you'll need in case your game is in Japanese). One of these options should guess the rest of the words of that sentence, with some unknown characters in between (like the spaces). Check that option and create your table with it.

Using [http://www.romhacking.net/utilities/291/ WindHex], a hex editor with TBL support, open the ROM. Next, load the table file you just created with the relative search tool, and then the text will be visible and editable if you scroll to that area of the ROM. You can see the byte equivalents for the missing characters (spaces, punctuation) and then add them to the TBL file with Notepad (or WindHex's table editor). Similar programs include [http://www.romhacking.net/utilities/818/ Crystal Tile 2], (supports Shift-JIS and UTF-8 encodings) and [http://www.romhacking.net/utilities/817/ Tinke].

Make sure to identify the control codes as well. These are bytes used to define special text properties (text color, text display speed, displaying the hero's name, line breaks, end-of-text, etc.) and add them to the TBL file too. Sometimes, the game will use a dictionary to make the game's text shorter in order to save space, so some byte values will replace letter combinations or entire words. Add those to the TBL file too.

Don't be afraid to experiment, even if this corrupts your ROM, so that you confirm any of your observations! Of course, you'll need to keep a safe backup copy of the unaltered ROM along with the ROM revisions with your main hacking progress.

====Text dumping and insertion tools====
Editing or translating a whole game with a hex editor is tiresome. You can't even exceed the original length because the extra text would just overwrite the next not-text data and corrupt the game. The solution is to find the game's pointers. You can note down the address on the left side of the hex editor to know where you are in the ROM. The game does just like that, using pointers to tell it where the text is. But pointers don't look the same way the address in your hex editor does. Each system has its quirks and rule for calculating the pointers, so look it up.

For example, GBA pointers for a specific address are 4-byte. Replace the leftmost byte with <code>08</code>, and invert the order of the bytes so that <code>(byte 1)(byte 2)(byte 3)(byte 4)</code> becomes <code>(byte 4)(byte 3)(byte 2)(byte 1)</code>. Why invert? Because the GBA is a [[wikipedia:Endianness#Little-endian|little endian system]]. Open a GBA Pokémon game, find Professor Oak's dialog in the hex editor, find its starting address (you click on the first letter and then see its address for that byte in the sidebar of your hex editor) and calculate the pointer as detailed above. Use WindHex's feature for searching hex data to find that pointer. It should appear in the hex data and look just like what you calculated. You may modify it to an address in the very end of the ROM in an empty area where you'll try writing new text. If you can pull this off, this means you can repoint that text pointer!

With the command-line tool [http://www.romhacking.net/utilities/647/ Cartographer], you can indicate a ROM and TBL file, and then tell the program to start extracting text. You could tell it to extract bulk text and garbage data alike from and until given addresses (RAW mode). But if you found a pointer — or even better, a succession of pointers (called pointer tables), like in the Pokémon example above — you can extract text data in a more organized manner to a text file.

With another command-line tool called [http://www.romhacking.net/utilities/224/ Atlas], you may re-insert that text file (after modifying it) in the ROM, and the tool will take care of updating the pointers. You can, for example, tell it to start inserting text in an empty yet accessible location at the end of the ROM. The possibilities are endless.

Command-line tools may sound scary, with their black MS-DOS dialog boxes flashing quickly and disappearing. They're actually easy to use. Just put all the needed files in the same folder, make a new .txt file where you write the command detailed in the tool's readme, and save that file as one with the .bat extension. If you double-click on it, it will execute that tool the way you wanted it with little effort.

===Editing graphics with tile editors===
Hex editors interpret binary data as raw bytes or text. Tile editors do something similar, but instead they interpret binary data as graphics. Of course, this means if you're using the wrong mode or looking at an area that's not supposed to be graphical data or the graphics are compressed, you'll just see garbage.

Among the best tile editors out there are TileMolester and Crystal Tile 2. For newer 3D-based systems, however, specialized graphical converters may be required.

In older systems, in order to save space, graphics were usually stored in parts. First, there's the tile data, or the actual drawings that you may edit with tile editors. They're divided into small pieces that, when assembled, make a big picture. The instructions to build the big picture are tile maps (in the case of backgrounds) or sprite attribute tables for sprites.  

The tile data uses indexed colors. Using Mario's shirt as an example, it isn't colored "red" but rather colored with "color 1". NES Mario games, like most NES games, happen to use the NES 2BPP mode (that is, two bits per pixel). A bit is either zero or one. With two bits, we can write <code>00</code>, <code>01</code>, <code>10</code> and <code>11</code>.  This technically gives us four possible colors in total. However, there are actually three colors since "color 0" is transparency, used around Mario's sprite so that the backgrounds behind him are visible and unobstructed.

How can we tell what actual color Mario's shirt is instead of just "color 1"? We do this through [[wikipedia:Palette_(computing)|palettes]]. Palettes are hex data consisting of several bytes (3 for the NES 2BPP mode), and each byte is the ID for a specific color: "red", "blue", "yellow", "purple", "light blue", and so on. (There are just under 60 valid choices in the NES, but later systems have a much larger selection of colors.) We know Mario's clothes change color after eating various items, but the tile data drawings are stored just once in the ROM. There are separate palettes telling the game to colorize the same drawing differently for different situations.

For more convenient tile editing, tile editors offer a custom palette option so that you can fix the colors individually and have the graphics show correctly. Some emulators can export palette data from runtime memory for use with the tile editor (for example VBA-M and Crystaltile), and some tile editors can import save states from some emulators and use the palettes found inside (like Tilemolester).

===Editing game programming===
Game developers used to write directly in machine language which is, again, bytes. Technically you could memorize what each specific byte calls among the different programming instructions availabe in that hardware's processor, and write your code directly in the hex editor. But generally that would be madness.

Let's consider one example, from 6502 assembly used in the NES processor: the instruction which loads a special memory register (called the "accumulator") with a value. We'll choose the value 0x00 here. If you encountered such an instruction in a NES program, it will be written as the two-byte sequence A9 00, where A9 is the opcode for this specific instruction, and 00 is the operand -- the value we chose for this instruction.

What game developers did was to write in plain text documents their game's code using keywords that are more or less readable for humans. 

So, in the (often commented) code they're writing when developing the game, they'd write LDA #00 -- conveniently, LDA stands for "LoaD Accumulator with memory", which is a far more helpful description of the instruction than its raw hex form. (The # means it's a value, otherwise if it's the byte at an address that's affected we'd use $)

Game developers start from text files with human-readable opcodes and comments, which they then pass through tools called "assemblers" to get the binary form of the code.

The inverse is possible, and is called disassembling:
* In debugging emulators with breakpoint and disassembly support, you can cause the game to pause whenever some memory address is interacted with (read, write or execute). You can get the emulator to show you which programming instruction executed right now did said interaction, in binary form, then "disassembled" and translated to some English-sounding instruction.
* Debugging emulators with trace features can disassemble all programming instructions executed between two instants if you so desire.
* CheatEngine and IDA Pro can disassemble some programs at runtime, including games and emulators.
* IDA Pro with some user-made plugins can also take a ROM file from the system covered in said plugin, and try to disassemble its binary to a text file. Some emulators offer the option to do this if you give them which address in the ROM (or RAM) you want to disassemble from.

However, disassembly can easily fail, and you end up with garbage nonsensical code in the text file. Why? Just like hex editors with text display, or tile editors, when disassemblers try to interpret stuff that's not programming as such, it's a recipe for disaster. Another extra problem is that after reading garbage data, even if the disassembler stumbles upon some legit programming bits after that, it will no longer tell where instructions begin and end (remember they're all just bytes) and so there will be even more erronous interpretations.

That is, not to mention the numerous cases where the developers DON'T want you to look at their code: so it's either protected against disassembler tools during runtime (Denuvo on PC games), compressed then the game uncompresses just what it needs to the RAM and executes from there (Ys 5 for the Super Famicom), or most of the programming is written in another arbitrary programming language and the remaining 10% recognizable assembly code for that hardware is just the part which translates that arbitrary languages and not much else - this is also called bytecode and is used in many RPGs, with a quite infamously complicated variant being present in Earthbound (Mother 2) for example. 

What you'll need to mod game programming, a.k.a. assembly hacking, is:
* a documentation of the hardware you're working on (including the various registers, hardware registers for stuff like the VRAM, the memory addressing...)
* an opcode list for that hardware, which includes all the instructions allowed on that hardware which you'll encounter (in the game's original code) and probably will use (in the code you'll write as a replacement)
* an assembler tool, to transform the text file with your innovating hack's code to binary format to be inserted later with a hex editor in the game proper. If you're especially good in regular computer programming, you could write one yourself for your personal use.
* a hex editor
* optionally, knowing how to use a cheat engine, since the RAM addresses it finds can lead to the instructions we need to find and eventually mod, in case those instructions affect those RAM addresses.
* any of the aforementioned disassembly solutions, as long as they can help you pinpoint which instructions in the original interest you and could be changed to achieve the effect you desire.

Having the new code being too long can be troublesome since you wouldn't want to overwrite irrelevant parts of the rom and thus corrupt it. The popular solution is to insert a JUMP instruction (as always, which instruction it is depends on the hardware) pointing your code to some faraway empty place where you can comfortably put all the code you want -- of course, within the limitations of that specific system. You can see it's the same idea as text editing.

If you're more interested, check SMWCentral's boards for tutorials introducing you to SNES hacking with Super Mario World. Then if you feel more comfortable tackling harder stuff, you could learn PS1/PS2 assembly and translate/mod/fix some games.

By the way, more recent systems no longer have a big data blob with all data types mixed, but use neatly arranged file trees with recognizeable (yet proprietary) file formats. This goes for programming too: all systems now have the executable in a separate file, and it's often the one loaded first. Some people even claim they had success running those through third-party disassemblers like IDA Pro. Some examples:
* PS1: SLUS_*** or some variation
* PSP: EBOOT.BIN, BOOT.BIN
* GC/Wii: .elf files
* DS: ARM9.BIN, more rarely ARM7.BIN

Looking at the game's programming as it runs can also help you figure out tons of stuff, from how the game does the decompression for that insanely obscure compression scheme it uses, to how it loads level data, manages enemy stats and damage, display stuff and story events onscreen, and so on. 

Studying the game's programming, coupled with some corrupting (random hex editing of select memory areas) to confirm observations, has led to most of the game specific level editors and similar tools out there. So instead of lamenting why your favorite game doesn't have a dedicated tool, you can figure this out all on your own and create (in case you know some computer programming language) a good tool serving exactly your needs and which can be adjusted in whatever way you want.

==Emulators for ROM hacking==
Not all emulators are made equal. Often, you'll need to study the game as it runs, for the following reasons:

* '''Cheats:''' You modified some text and graphics in the final stage but can't be bothered to replay the whole game legitimately. In case the emulator doesn't support this natively, you might want to consider using [http://www.cheatengine.org/ Cheat Engine].
* '''Save states, rewinding, fast forward, frame advance, pause:''' You modified something appearing in a very narrow timeframe, or you just want to take clean screenshoots of the game.
* '''Debuggers''' with the following features:
** '''Breakpoints:''' A breakpoint throws a fit and pauses the game if a specific address is tampered with. Of course, to know which address it is, you need to find it first with a cheat/RAM search.
** '''Conditional Breakpoints:''' Breakpoints that only trigger when another condition is also met. For example: Dragon Quest 1 keeps track of the monster ID (during battles) and the floor type (outside battles) in the same RAM variable. Which means every single step the hero makes will trigger the breakpoint, so if you're only interested in the monster ID code, you can weed out all other BPs by simply adding the condition "only trigger when the battle status RAM variable is on". Conditions can be about RAM or hardware register status. 
** '''Disassembler:''' Translates the last few lines of programming executed from hex code to known opcodes telling which instruction is which (LDA/LDR/LD (load to accumulator/register), STA/STR/ST (store to accumulator/register), NOP (do nothing), and so on). After a breakpoint, it gives you the programming line (in assembly) directly responsible for altering the address the breakpoint was guarding against reading/writing/executing attempts. This is incredibly invaluable to understand the game's programming.
** '''Assembler:''' Allows the user to write their new lines of programming, which are then converted to the corresponding hex data. It's rare that emulators include this. Assemblers are often separate tools affecting the ROMs or to be inserted manually by users in ROMs.
** '''Tracers:''' The emulator logs all programming lines executed, from since you started logging, to a text file. It can get huge pretty quickly, so it's best used with breakpoints and frame advance features to better locate what you're looking for.
* '''Memory viewers''' with the following features:
** '''Hex editors:''' Views the RAM (and possibly other memory areas like SRAM, VRAM, ROM, and so on) as the game is being executed. Either the window is read-only, or it can be edited.
** '''Tile editors:''' Views the VRAM (and possibly other memory areas) and interprets its content as visual data. Emulators of 3D systems can also have model viewers and texture viewers.
* '''Background/OAM viewers/dumpers:''' View the graphics as they are arranged in-game, often used for dumping graphics by sprite rippers. This can be useful occasionally.

===Emulators===
{| class="wikitable" style="text-align:center;"
|+NES
|-
! scope="col"|Name
! scope="col"|Operating System(s)
! scope="col"|Version
! scope="col"|[[Emulation Accuracy|Accuracy]]
! scope="col"|Save states
! scope="col"|Cheat support
! scope="col"|Frame options
! scope="col"|Breakpoint
! scope="col"|Conditional Breakpoint
! scope="col"|Disassembler
! scope="col"|Assembler
! scope="col"|Tracer
! scope="col"|Memory view
! scope="col"|Tile view
! scope="col"|BG/OAM view
! scope="col"|Useful?
|-
|[[FCEUX]]
|Windows, Linux, macOS, Solaris, BSD
|2.2.3
|High
|✓ 
|✓ 
|✓ 
|✓
|✓ 
|✓ 
|✓ 
|✓ 
|✓ 
|✓ 
|✓ 
|✓✓
|}

* '''FCEUX''' is the golden standard for emulator debuggers, it's a fully featured one and very newbie friendly. So please check it out even if you're not interested in NES games as it's an excellent starting point for game modding. It's one of the few emulators, alongside PCSX2 and PPSSPP, to include conditional breakpoints.

{| class="wikitable" style="text-align:center;"
|+SNES
|-
! scope="col"|Name
! scope="col"|Operating System(s)
! scope="col"|Version
! scope="col"|[[Emulation Accuracy|Accuracy]]
! scope="col"|Save states
! scope="col"|Cheat support
! scope="col"|Frame options
! scope="col"|Breakpoint
! scope="col"|Conditional Breakpoint
! scope="col"|Disassembler
! scope="col"|Assembler
! scope="col"|Tracer
! scope="col"|Memory view
! scope="col"|Tile view
! scope="col"|BG/OAM view
! scope="col"|Useful?
|-
|[[Snes9x]]
|Multi-platform
|Gieger's r1.51
|High
|✓ 
|✓ 
|✓ 
|Address
|✗ 
|✓ 
|✗ 
|✓ 
|✓ 
|✗ 
|✗ 
|✓✓
|-
|[[BizHawk]]
|Windows
|Main
|Cycle
|✓ 
|✓ 
|✓ 
|Range
|✗ 
|✓ 
|✗ 
|Read-only
|✓ 
|✓ 
|✗ 
|✓
|-
|[[No$|NO$SNS]]
|Windows, [[POS_(Pong_Consoles)_CPUs_and_Other_Chips#Intel_CPU.27s|DOS]]
|1.6
|Mid
|✗ 
|✗ 
|✗ 
|Address
|✗ 
|✓ 
|✗ 
|✓ 
|✓ 
|✓ 
|✓ 
|✓
|}

* Older '''bsnes''' versions, and many of its forks - notably BizHawk and Marmelade, have an extensive VRAM viewer, some versions having ones topping NO$SNS, as well as a memory viewer. byuu says he wants to make a proper debugger himself called Loki (citing this as the reason for putting on hiatus the FEOE:Zero translation) but don't hold your breath for it. 

* Geiger's custom build of an older version of Snes9x also is very useful. While the base emulator only has a background layer disabling hotkeys, cheat codes and frame advance features, this build adds a debugger, a tracer (to a log file), as well as a memory viewer/editor with the option to dump to external files to open with hex editors. There's also the very useful "What's Used" feature which colors areas in the memory viewer depending on what's onscreen (controllable with the BG layer hotkeys). However, it doesn't play nicely with nonstandard SNES cartridges. There's another custom Snes9x build by FuSoYa for Super FX2 games.

* As for '''NO$''' emulators, right off the bat when you start it, they have a fully editable debugger (upper-left), RAM memory viewer (lower-left), hardware register (upper-right) and stack (lower-right). You can set breakpoints on addresses or programming lines (opcodes). You can view I/O status (for stuff like sound and DMA) with the F10 hotkey. 

And most importantly, you can view the contents of the VRAM in real-time. It's particularly useful in the case of the SNES (though there's no Mode-7 mode), as there's detailed info about tilemap tiles (the other alternative was to get a ZSNES save state and then load it in an external viewer tool to get that info). It also has sprite information. It's not ideal but far more rom modding oriented than other tools which don't even display 16 tiles per line thus often scrambling the view.

NO$PSX and NO$GBA's special debugger build (regular build doesn't have the debugger) also show 3D textures, and in the case of NO$GBA the 3D models too.

However, the main flaw these have is the lack of decent frame advancing, save state, and cheat options. You'll need CheatEngine, and importing SRAM files from other files most probably. Also, the base emulation isn't without its flaws (for example, NO$SNS crashes with Quintet games because sound isn't emulated).



* '''DeSmume''' has some older builds on gbatemp with interesting modder-friendly options:
** Custom build allowing searching for unused RAM areas. If you want to change the game's programming you'll need to find an empty place in memory to put your new code, so this is extremely useful.
** Custom build allowing to select a DEBUG option under Slot-1. The console window will show every single file loaded off the cartridge in real time, and it's also logged to a text file. If you're, say, looking for the title screen to change it, you can this way narrow down which files you need to look for.

==General resources==
*[http://romhacking.net ROMHacking.net] – This is like a hub where the various hacking communities meet.  It hosts a large variety of major ROM hacks and translations.  Also hosts numerous FAQs and tools to help aspiring hackers get started.
*[http://datacrystal.romhacking.net/ Data Crystal] – A wiki hosted by ROMHacking.net.  While it is a bit outdated at this point, it's still a good resource for information about different editors and links to a handful of prominent hacks.
*[http://fusoya.eludevisibility.org/ FuSoYa's Niche] – Site of the creator of the popular Super Mario World editor, Lunar Magic.  Also hosts a set of tools for ROM expansion, patching, compression, etc.
*[http://www.zophar.net Zophar's Domain] – A site that hosts lots of smaller patches, such as spoofs, as well as a significant amount of major ones.  It hosts a lot of content that can't be found on ROMHacking.net

==Programs==
===General purpose 2D graphics/tile editor===
* [http://www.romhacking.net/utilities/109/ Tile Molester] – Works with Java, practically can edit any game.

===Hex editors===
* [http://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm XVI32]
* [http://www.romhacking.net/utilities/219/ Translhextion]

===Roster editors===
* [https://www.simheads.com/products/apfe.4 All-Pro Football Editor (APFe)] - Also it's possible to bring back franchise mode with using this tool[https://youtu.be/2lF9_RIOeCw?t=795].
* [https://forum.nhl94.com/index.php?/topic/20285-tecmo-super-bowl-3-editing-rosters/ TSB3 editor]

==Game-specific==
===EarthBound===
* Starmen.net's [https://forum.starmen.net/forum/Community/PKHack PK Hack board] – Home of the hacking utility [https://forum.starmen.net/forum/Community/PKHack/CoilSnake-v1-0-Cool-Fish-Type-Edition/first CoilSnake], a tool that dumps data from the USA release of EarthBound into an editable format (mainly config files, plain text, and PNG spritesheets) and compiles everything back into the ROM.

Threads for completed hacks are listed, as is the original PK Hack tool, which was adequate for making hacks when it first came out, but is now infamous for corrupting ROMs when pushed too far.

===Final Fantasy VI===
* [https://www.ff6hacking.com/forums/portal.php FF6Hacking] – Home to a large community of Final Fantasy VI hackers, complete with active forums, patches, FAQs and guides for those looking to get into hacking the game.
* [https://www.ff6hacking.com/wiki/doku.php FF6Hacking Wiki] – The most complete Final Fantasy VI hacking wiki with information on the SNES version but also on Final Fantasy VI Advance (GBA).

===Final Fantasy hacktics===
* [http://ffhacktics.com/ Final Fantasy Hacktics] – Community for FFT hacking with a variety of completed hacks, patches, and resources.

===Fire Emblem===
* [http://www.feshrine.net/hacks.html Fire Emblem Shrine] – An active and prominent Fire Emblem hacking community.  Hosts a variety of completed hacks and FAQs to get you started.
* [http://serenesforest.net/forums/index.php?showforum=8 Serenes Forest] – Another active and prominent Fire Emblem hacking community, though perhaps a bit more active than Fire Emblem Shrine.
* [https://feuniverse.us/ Fire Emblem Universe] – Yet another active Fire Emblem Hacking community, about as active as Serenes Forest if not as well known.

===The Legend of Zelda: A Link to the Past===
* [http://www.zeldix.net Zeldix] - An active forums for A Link to the Past hacking, along with a database of MSU-1 hacks.

===New Super Mario Bros.===
* [https://nsmbhd.net The NSMB Hacking Domain] - A large and active forum for New Super Mario Bros. hacking with tons of resources and hacks.

===Pokémon===
* [http://www.pokecommunity.com/forumdisplay.php?f=37 The PokéCommunity] – Very active (and helpful) Pokémon hacking community.
* [https://projectpokemon.org/ Project Pokémon] - An active Pokémon hacking community that maintains a database of past events including promotional giveaways and wonder cards.

===Shin Megami Tensei Series===
* [https://shrinefox.com/ Shrine Fox] – A collection of Shin Megami Tensei mods, tools, and guides. Primarily contains Persona and SMT V mods.

===Sonic the Hedgehog===
* [http://info.sonicretro.org/Sonic_hacks Sonic Retro] – The largest resource for hacks and modifications of the Sonic series (primarily focused on the Genesis games).

===Super Mario World===
[[File:MainLunarMagic-1-.png|thumb]]
* [http://www.smwcentral.net Super Mario World Central] – The largest site dedicated to SMW hacking.  Hosts hundreds of hacks and is a resource for SMW hacking utilities and knowledge.  Also has a very active community and forums.
* [http://www7.atpages.jp/smw/view.cgi X-Mario] – Prominent Japanese site that hosts a variety of hacks.  Worth noting is that Japanese hacks are usually more reliant on creating challenging gameplay and are less flashy or graphically modified than their Western cousins.
* [http://talkhaus.raocow.com/ Raocow's Talkhaus] – The community for the most prominent let's player in SMW hacking.  Whether or not you enjoy his commentary, this site remains a great resource for discovering hacks, as the community here is generally focused on hacks that the SMW Central community doesn't cover.
* [http://www18.atwiki.jp/sm4wiki_mix/ VIP Wiki] – Japanese wiki dedicated to the development of 2channel's series of popular hacks, the VIP & Wall Mix series.  Hosts the 5 current installments and news about the sixth, currently a work in progress.

===Super Mario World 2: Yoshi's Island===
* [http://www.smwcentral.net Super Mario World Central] – In addition to Super Mario World, smwcentral is a budding hub for Yoshi's Island hacking.  While it only hosts a few complete hacks, the community is very active, and new content is being produced at a consistent pace.
* [http://yihacking.wikia.com/wiki/Yoshi%27s_Island YI Hacking Wiki] – A knowledge base for Yoshi's Island hacking.

===Super Metroid===
[[File:Fetch-1-.png|thumb]]
* [http://metroidconstruction.com Metroid Construction] – The most prominent and active Super Metroid hacking community currently.  Hosts a large variety of hacks, resources, FAQs, and an active community and forum.  Originated in m2k2 before becoming its own dedicated site.
* [http://wiki.metroidconstruction.com/doku.php Metroid Construction Wiki] – As its name implies, a wiki created by the Metroid Construction community.
* [http://www.metroid2002.com/ Metroid 2002] – The former most prominent and active Super Metroid hacking community.  While it has since been foregone in favor of Metroid Construction, it can still be a valuable resource for knowledge about the more advanced mechanics and inner workings of Super Metroid (as well as other games in the series).

==Downloads==
* [https://mega.nz/#F!R8RCnZZY!Zxyqoynu9GVWIwFHCISK2Q!og53jJJL ROM Hacks]
[[Category:Modding]]
[[Category:FAQs]]