
Disassemblers, debuggers, and other static and dynamic analysis tools.
- Platform-agnostic binary analysis framework developed at UCSB's Seclab.
- Identifies and extracts information from bots and other malware.
- Multiplatform and open source (MIT) binary analysis framework developed at CMU's Cylab.
- Multiplatform, open source Binary Analysis and Reverse engineering Framework.
- Binary analysis IDE for reverse engineering based on graph visualization.
- A reversing engineering platform that is an alternative to IDA.
- Firmware analysis tool.
- Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages.
- Web based code browser using clang to provide basic code analysis.
- GUI for Radare2.
- A binary analysis platform based on QEMU. DroidScope is now an extension to DECAF.
- .NET assembly editor, decompiler and debugger.
- Free .NET Decompiler and Assembly Browser.
- A modular debugger with a Qt GUI.
- Tool for exploration and tracing of the Windows kernel.
- Reports open TCP/IP and UDP ports in a live system and maps them to the owning application.
- The GNU debugger.
- GDB Enhanced Features, for exploiters and reverse engineers.
- A software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate.
- A utility to search for strings in PE executables including imports, exports, and debug symbols.
- The macOS and Linux Disassembler.
- IDA Pro Windows disassembler and debugger, with a free evaluation version
- Interactive Delphi Reconstructor is a decompiler of Delphi executable files and dynamic libraries.
- Debugger for malware analysis and more, with a Python API.
- ILSpy is the open-source .NET assembly browser and decompiler.
- DSL for file formats / network protocols / data structures reverse engineering and dissection, with code generation for C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby.
- LIEF provides a cross-platform library to parse, modify and abstract ELF, PE and MachO formats.
- Dynamic analysis for Linux executables.
- An automated framework for mac malware hunting.
- Part of GNU binutils, for static analysis of Linux binaries.
- An assembly-level debugger for Windows executables.
- Platform for Architecture-Neutral Dynamic Analysis.
- Python Exploit Development Assistance for GDB, an enhanced display with added commands.
- Perform static analysis of Windows executables.
- The Pharos binary analysis framework can be used to perform automated static analysis of binaries.
- Interactive disassembler for x86/ARM/MIPS.
- A Professional PE file Explorer for reversers, malware researchers and those who want to statically inspect PE files in more detail.
Process Explorer Advanced task manager for Windows.
- Tool that monitors system resources.
Process Monitor - Advanced monitoring tool for Windows programs.
- Windows command-line tools that help manage and investigate live systems.
- Python tool for malware analysis.
- Python scriptable reverse engineering sandbox by the Talos team at Cisco.
- QEMU with embedded WinDbg server for stealth debugging.
- Reverse engineering framework, with debugger support.
- Registry compare utility that compares snapshots.
- Retargetable machine-code decompiler with an
and
that you can use in your tools.
- A framework to analyze, dissect and decompile complex code-reuse attacks.
- Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analyis.
- Dynamic analysis for Linux executables.
- A dynamic binary analysis (DBA) framework.
- Disassembler library and tool for x86 and x86_64.
- Python tool for malware analysis.
- multipurpose debugger for the Microsoft Windows computer operating system, used to debug user mode applications, device drivers, and the kernel-mode memory dumps.
- An open-source x64/x32 debugger for windows.
- Platform-agnostic binary analysis framework developed at UCSB's Seclab.
- Identifies and extracts information from bots and other malware.
- Multiplatform and open source (MIT) binary analysis framework developed at CMU's Cylab.
- Multiplatform, open source Binary Analysis and Reverse engineering Framework.
- Binary analysis IDE for reverse engineering based on graph visualization.
- A reversing engineering platform that is an alternative to IDA.
- Firmware analysis tool.
- Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages.
- Web based code browser using clang to provide basic code analysis.
- GUI for Radare2.
- A binary analysis platform based on QEMU. DroidScope is now an extension to DECAF.
- .NET assembly editor, decompiler and debugger.
- Free .NET Decompiler and Assembly Browser.
- A modular debugger with a Qt GUI.
- Tool for exploration and tracing of the Windows kernel.
- Reports open TCP/IP and UDP ports in a live system and maps them to the owning application.
- The GNU debugger.
- GDB Enhanced Features, for exploiters and reverse engineers.
- A software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate.
- A utility to search for strings in PE executables including imports, exports, and debug symbols.
- The macOS and Linux Disassembler.
- IDA Pro Windows disassembler and debugger, with a free evaluation version
- Interactive Delphi Reconstructor is a decompiler of Delphi executable files and dynamic libraries.
- Debugger for malware analysis and more, with a Python API.
- ILSpy is the open-source .NET assembly browser and decompiler.
- DSL for file formats / network protocols / data structures reverse engineering and dissection, with code generation for C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby.
- LIEF provides a cross-platform library to parse, modify and abstract ELF, PE and MachO formats.
- Dynamic analysis for Linux executables.
- An automated framework for mac malware hunting.
- Part of GNU binutils, for static analysis of Linux binaries.
- An assembly-level debugger for Windows executables.
- Platform for Architecture-Neutral Dynamic Analysis.
- Python Exploit Development Assistance for GDB, an enhanced display with added commands.
- Perform static analysis of Windows executables.
- The Pharos binary analysis framework can be used to perform automated static analysis of binaries.
- Interactive disassembler for x86/ARM/MIPS.
- A Professional PE file Explorer for reversers, malware researchers and those who want to statically inspect PE files in more detail.
Process Explorer Advanced task manager for Windows.
- Tool that monitors system resources.
Process Monitor - Advanced monitoring tool for Windows programs.
- Windows command-line tools that help manage and investigate live systems.
- Python tool for malware analysis.
- Python scriptable reverse engineering sandbox by the Talos team at Cisco.
- QEMU with embedded WinDbg server for stealth debugging.
- Reverse engineering framework, with debugger support.
- Registry compare utility that compares snapshots.
- Retargetable machine-code decompiler with an
and
that you can use in your tools.
- A framework to analyze, dissect and decompile complex code-reuse attacks.
- Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analyis.
- Dynamic analysis for Linux executables.
- A dynamic binary analysis (DBA) framework.
- Disassembler library and tool for x86 and x86_64.
- Python tool for malware analysis.
- multipurpose debugger for the Microsoft Windows computer operating system, used to debug user mode applications, device drivers, and the kernel-mode memory dumps.
- An open-source x64/x32 debugger for windows.