| Name | Reference-Links | Infos |
|---|---|---|
| ILSpy | https://github.com/icsharpcode/ILSpy | .NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform |
| JADX | https://github.com/skylot/jadx | Dex to Java decompiler |
| Ghidra | https://github.com/NationalSecurityAgency/ghidra | Ghidra is a software reverse engineering (SRE) framework |
| RetDec | https://github.com/avast/retdec | RetDec is a retargetable machine-code decompiler based on LLVM |
| HexRaysCodeXplorer(IDA Plugin) | https://github.com/REhints/HexRaysCodeXplorer | Hex-Rays Decompiler plugin for better code navigation |
| Name | Reference-Links | Infos |
|---|---|---|
| GEF | https://github.com/hugsy/gef | GDB Enhanced Features for exploit devs & reversers |
| x64dbg | https://github.com/x64dbg/x64dbg | An open-source x64/x32 debugger for windows |
| pwndbg | https://github.com/pwndbg/pwndbg | Exploit Development and Reverse Engineering with GDB Made Easy |
| PEDA | https://github.com/longld/peda | Python Exploit Development Assistance for GDB |
| Name | Reference-Links | Infos |
|---|---|---|
| iced | https://github.com/icedland/iced | Blazing fast and correct x86/x64 disassembler, assembler, decoder, encoder for .NET, Rust, Python, JavaScript |
| capstone | https://github.com/aquynh/capstone | Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings |
| ddisasm | https://github.com/GrammaTech/ddisasm | A fast and accurate disassembler |
| Name | Reference-Links | Infos |
|---|---|---|
| angr | https://github.com/angr/angr | A powerful and user-friendly binary analysis platform |
| miasm | https://github.com/cea-sec/miasm | Reverse engineering framework in Python |
| KLEE | https://github.com/klee/klee | KLEE Symbolic Execution Engine |
| SymCC | https://github.com/eurecom-s3/symcc | efficient compiler-based symbolic execution |
| Triton | https://github.com/JonathanSalwan/Triton | Dynamic Binary Analysis (DBA) framework |
| Qiling | https://github.com/qilingframework/qiling | Qiling Advanced Binary Emulation Framework |
| dynamorio | https://github.com/DynamoRIO/dynamorio | Dynamic Instrumentation Tool Platform |
| Pin | https://software.intel.com/content/www/us/en/develop/articles/pin-a-dynamic-binary-instrumentation-tool.html | dynamic binary instrumentation framework for the IA-32, x86-64 and MIC instruction-set architectures |
| QBDI | https://github.com/QBDI/QBDI | A Dynamic Binary Instrumentation framework based on LLVM |
| Arybo | https://github.com/quarkslab/arybo | Manipulation, canonicalization and identification of mixed boolean-arithmetic symbolic expressions |
| Z3 | https://github.com/Z3Prover/z3 | The Z3 Theorem Prover |
| Frida | https://github.com/frida/frida | Dynamic instrumentation toolkit |
| Name | Reference-Links | Infos |
|---|---|---|
| Dobby | https://github.com/jmpews/Dobby | a lightweight, multi-platform, multi-architecture hook framework |
| LSPosed | https://github.com/LSPosed/LSPosed | LSPosed Xposed Framework |
| YAHFA | https://github.com/PAGalaxyLab/YAHFA | Yet Another Hook Framework for ART |
| EdXposed | https://github.com/ElderDrivers/EdXposed | Elder driver Xposed Framework |
| PolyHook | https://github.com/stevemk14ebr/PolyHook_2_0 | C++17, x86/x64 Hooking Libary v2.0 |
| Riru | https://github.com/RikkaApps/Riru | Inject into zygote process |
| Name | Reference-Links | Infos |
|---|---|---|
| Name | Reference-Links | Infos |
|---|---|---|
| radare2 | https://github.com/radareorg/radare2 | UNIX-like reverse engineering framework and command-line toolset |
| BARF | https://github.com/programa-stic/barf-project | A multiplatform open source Binary Analysis and Reverse engineering Framework |
| pharos | https://github.com/cmu-sei/pharos | Automated static analysis tools for binary programs |
| QEMU | * https://github.com/qemu/qemu * https://airbus-seclab.github.io/qemu_blog/ |
machine & userspace emulator and virtualizer |
| ABD | https://github.com/malrev/ABD | Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories |
| Tigress | https://github.com/JonathanSalwan/Tigress_protection | Tigress Protections |
| D810(IDA_Plugin) | https://github.com/joydo/d810 | an IDA Pro plugin which can be used to deobfuscate code at decompilation time by modifying IDA Pro microcode |
| bytecode-viewer | https://github.com/Konloch/bytecode-viewer | A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More) |