Top picks: edb, wxHexEditor, DumpItForLinux — plus 45 more compared.
Security OperationsContagio Mobile is a free tool. Security professionals most commonly compare it with . All 48 alternatives are matched by shared capabilities, tags, and NIST CSF 2.0 coverage.
A closer look at the 8 most relevant alternatives and competitors to Contagio Mobile, including their key features and shared capabilities.
edb is a powerful debugger for Linux binaries, enhancing reverse engineering efforts with a user-friendly interface and extensible plugins.
wxHexEditor is a free cross-platform hex editor and disk editor for editing binary files, disk devices, and logical drives with data manipulation and checksum calculation features.
A tool for creating compact Linux memory dumps compatible with popular debugging tools.
Malware analysis platform for SOC teams with binary analysis and threat detection
Plugin that decompiles malware PE files into readable C code using hybrid analysis.
Agentic AI tool for automated malware reverse engineering & phishing analysis.
FIM and config change monitoring tool with baseline deviation detection.
AI-powered binary analysis platform for reverse engineering & malware analysis.
edb is a powerful debugger for Linux binaries, enhancing reverse engineering efforts with a user-friendly interface and extensible plugins.
wxHexEditor is a free cross-platform hex editor and disk editor for editing binary files, disk devices, and logical drives with data manipulation and checksum calculation features.
A tool for creating compact Linux memory dumps compatible with popular debugging tools.
Malware analysis platform for SOC teams with binary analysis and threat detection
Plugin that decompiles malware PE files into readable C code using hybrid analysis.
Agentic AI tool for automated malware reverse engineering & phishing analysis.
FIM and config change monitoring tool with baseline deviation detection.
AI-powered binary analysis platform for reverse engineering & malware analysis.
An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques.
Binwalk is a firmware analysis tool that enables reverse engineering and extraction of embedded file systems and archives from firmware images.
A utility package that monitors hard drive health through SMART technology to detect and prevent disk failures before data loss occurs.
OCyara performs OCR on images and PDF files to extract text content and scan it against Yara rules for malware detection.
A read-only FUSE driver that enables Linux systems to mount and access Apple File System (APFS) volumes, including encrypted and fusion drives.
A Windows context menu integration tool that scans files and folders for malware patterns, crypto signatures, and malicious documents using Yara rules and PEID signatures.
Fast disassembler producing reassemblable assembly code using Datalog
HexPrism is a fast, privacy-first hex editor built for CTFs and digital forensics.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
A static analysis framework for extracting key characteristics from various file formats
CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.
A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
A static analysis tool for PE files that identifies potential malicious indicators through compiler detection, packing analysis, signature matching, and suspicious string identification.
A library and tools for accessing and analyzing Linux Logical Volume Manager (LVM) volume system format.
A command-line utility for extracting human-readable text from binary files.
A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.
A .NET assembly debugger and editor that enables reverse engineering and dynamic analysis of compiled .NET applications without source code access.
LiME is a Linux Memory Extractor tool for acquiring volatile memory from Linux and Linux-based devices, including Android, with features like full memory captures and minimal process footprint.
A collaborative malware analysis framework with various features for automated analysis tasks.
Python 3 tool for parsing Yara rules with ongoing development.
RABCDAsm is a collection of utilities for ActionScript 3 assembly/disassembly and SWF file manipulation.
A command-line string extraction utility for digital forensics that supports ASCII and Unicode string extraction from files and directories with pattern matching and filtering capabilities.
Dynamic binary analysis library with various analysis and emulation capabilities.
Ghidra is an NSA-developed software reverse engineering framework that provides disassembly, decompilation, and analysis tools for examining compiled code across multiple platforms and processor architectures.
Fnord is a pattern extraction tool that analyzes obfuscated code using sliding window techniques to identify frequent byte sequences and generate experimental YARA rules for malware analysis.
A deprecated digital forensics tool by Netflix that helped investigators scope compromises across AWS cloud instances by identifying behavioral differences and outliers during security incidents.
Use FindYara, an IDA python plugin, to scan your binary with yara rules and quickly jump to matches.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
A collection of YARA rules specifically designed for forensic investigations and malware analysis, providing pattern matching capabilities for files and memory dumps.
A .Net wrapper library for the native Yara library with interoperability and portability features.
A Python script for scanning data within an IDB using Yara
dynStruct is a tool for monitoring memory accesses of an ELF binary and recovering structures of the original code.
A disassembly framework with support for multiple hardware architectures and clean API.
RetDec is an LLVM-based decompiler that converts machine code from various architectures and file formats back into readable C-like source code for reverse engineering and malware analysis.
A tool for processing compiled YARA rules in IDA.
A Python wrapper for the Libemu library that enables shellcode analysis and malicious code examination through programmatic interfaces.
A new age tool for binary analysis that uses statistical visualizations to help find patterns in large amounts of binary data.
Common questions security professionals ask when evaluating alternatives and competitors to Contagio Mobile.
The most popular alternatives to Contagio Mobile include edb, wxHexEditor, DumpItForLinux, ReversingLabs Spectra Analyze, and Joe Sandbox DEC. These Digital Forensics and Incident Response tools offer similar capabilities and are frequently compared by security professionals evaluating their options.
