QuarkslaB Dynamic Binary Instrumentation (QBDI) is a modular, cross-platform, and cross-architecture DBI framework. It aims to support Linux, macOS, Android, iOS, and Windows operating systems running on x86, x86-64, ARM, and AArch64 architectures. Information...
Obfuscation Detection Automatically detect control-flow flattening and other state machines Scripts and binaries to automatically detect control-flow flattening and other state machines in binaries. Control-flow flattening is a code transformation that removes structure from a...
CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. It includes a security test suite, tools for accessing various low-level interfaces, and forensic capabilities....
echidna Echidna is a weird creature that eats bugs and is highly electrosensitive (with apologies to Jacob Stanley) More seriously, Echidna is a Haskell program designed for fuzzing/property-based testing of Ethereum smarts contracts. It...
Radare2: Unix-Like Reverse Engineering Framework Introduction r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files. Radare project started as a...
dnSpy is a tool to reverse engineer .NET assemblies. It includes a decompiler, a debugger and an assembly editor (and more) and can be easily extended by writing your own extension. It uses dnlib to read...
Soot is a Java optimization framework. It provides four intermediate representations for analyzing and transforming Java bytecode: Baf: a streamlined representation of bytecode which is simple to manipulate. Jimple: a typed 3-address intermediate representation...
HookCase HookCase is a tool for debugging and reverse engineering applications on macOS (aka OS X), and the operating system itself. It re-implements and extends Apple’s DYLD_INSERT_LIBRARIES functionality. It can be used to hook any method...
GDA(GJoy Dex Analysizer) Most reverse engineers mainly use Java decompiler, commercial Dalvik decompiler Jeb, and smali2java to analyze Android APPs. Java decompiler is based on Java bytecode, including JD, JD-GUI, jadx, and others. smali2java...
iMonitor iMonitor (Endpoint Behavior Analysis System – Then Open Source Procmon) is an endpoint behavior monitoring and analysis software based on iMonitorSDK. Provides monitoring of system behaviors such as processes, files, registry, and networks. Support...
