Dr. Memory: the memory debugger Dr. Memory is a memory monitoring tool capable of identifying memory-related programming errors such as accesses of uninitialized memory, accesses to unaddressable memory (including outside of allocated heap units...
jadx – Dex to Java decompiler Command line and GUI tools for produce Java source code from Android Dex and Apk files Changelog v1.3.2 Core Use Kotlin intrinsic methods for variables rename (#1207) Improve...
ME Analyzer is a tool which parses Intel Engine firmware images from the Converged Security Management Engine, Converged Security Trusted Execution Engine, Converged Security Server Platform Services, Management Engine, Trusted Execution Engine & Server...
MC Extractor is a tool which parses Intel, AMD, VIA, and Freescale processor microcode binaries. It can be used by end-users who are looking for all relevant microcode information such as CPUID, Platform, Version,...
Obfuscar is a basic obfuscator for .NET assemblies. It uses massive overloading to rename metadata in .NET assemblies (including the names of methods, properties, events, fields, types, and namespaces) to a minimal set, distinguishable...
BPF Compiler Collection (BCC) BCC is a toolkit for creating efficient kernel tracing and manipulation programs and includes several useful tools and examples. It makes use of extended BPF (Berkeley Packet Filters), formally known...
cutter Cutter is a Qt and C++ GUI for radare2. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. Cutter is created by reverse engineers...
iMonitor iMonitor (Endpoint Behavior Analysis System – Then Open Source Procmon) is an endpoint behavior monitoring and analysis software based on iMonitorSDK. Provides monitoring of system behaviors such as processes, files, registry, and networks. Support...
GTIRB The GrammaTech Intermediate Representation for Binaries (GTIRB) is a machine code analysis and rewriting data structure. It is intended to facilitate the communication of binary IR between programs performing binary disassembly, analysis, transformation,...
capa capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do. For example, it might suggest that the...
