Best PLASMA Alternatives & Competitors in 2026

RetDec

RetDec is an LLVM-based decompiler that converts machine code from various architectures and file formats back into readable C-like source code for reverse engineering and malware analysis.

Joe Sandbox DEC

Plugin that decompiles malware PE files into readable C code using hybrid analysis.

Boomerang Decompiler

An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.

CAPA

CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.

manalyze

A static analysis tool for PE files that identifies potential malicious indicators through compiler detection, packing analysis, signature matching, and suspicious string identification.

readpe

A command-line tool for analyzing and extracting detailed information from Windows Portable Executable (PE) files.

steg86

steg86 is a steganographic tool that hides information within x86 and AMD64 binary executables without affecting their performance or file size.

Nightwing DejaVM

Whole-system emulation environment for software dev, debugging, testing & security

Joe Security Joe Reverser

Agentic AI tool for automated malware reverse engineering & phishing analysis.

Zenyard RE Agent

AI agent for in-depth binary analysis and reverse engineering assistance.

RevEng.AI

AI-powered binary analysis platform for reverse engineering & malware analysis.

CodeHunter Labs

Research division powering CodeHunter's pre-execution malware detection engine.

de4dot

An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques.

x64dbg

An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.

Radare2

A powerful reverse engineering framework

GrammaTech DDisasm

Fast disassembler producing reassemblable assembly code using Datalog

edb

edb is a powerful debugger for Linux binaries, enhancing reverse engineering efforts with a user-friendly interface and extensible plugins.

dnSpy

A .NET assembly debugger and editor that enables reverse engineering and dynamic analysis of compiled .NET applications without source code access.

PinCTF

PinCTF is a Python wrapper tool that uses Intel's Pin framework to instrument binaries and count instructions for reverse engineering analysis.

Triton

Dynamic binary analysis library with various analysis and emulation capabilities.

Ghidra Software Reverse Engineering Framework

Ghidra is an NSA-developed software reverse engineering framework that provides disassembly, decompilation, and analysis tools for examining compiled code across multiple platforms and processor architectures.

Krakatau

A Java bytecode assembler and disassembler toolkit that converts classfiles to human-readable format and provides decompilation capabilities for reverse engineering Java applications.

dynStruct

dynStruct is a tool for monitoring memory accesses of an ELF binary and recovering structures of the original code.

angr

angr is a Python-based binary analysis framework that provides disassembly, symbolic execution, and program analysis capabilities for cross-platform binary examination.

Capstone Engine

A disassembly framework with support for multiple hardware architectures and clean API.

Pylibemu

A Python wrapper for the Libemu library that enables shellcode analysis and malicious code examination through programmatic interfaces.

ctf_import

A C library that enables cross-platform execution of functions from stripped binaries using file names, offsets, and function signatures.

capa

Capa is a malware analysis tool that detects capabilities in executable files by analyzing PE, ELF, .NET modules, shellcode, and sandbox reports to identify potential malicious behaviors with ATT&CK framework mapping.

Frida

Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.

PINT

PINT is a PIN tool that enables Lua scripting for Intel's PIN dynamic instrumentation framework, allowing researchers to inject custom code during binary analysis processes.

JD-GUI

JD-GUI is a graphical Java decompiler that reconstructs and displays source code from compiled ".class" files for reverse engineering and code analysis purposes.

FLARE Obfuscated String Solver (FLOSS)

FLOSS is a static analysis tool that automatically extracts and deobfuscates hidden strings from malware binaries using advanced analysis techniques.

Binkit

Binkit is a binary analysis tool that merged with DarunGrim and incorporates its analysis algorithms, currently in internal testing before official release.

ScratchABit

Interactive incremental disassembler with data/control flow analysis capabilities.

BARF

BARF is an open source binary analysis framework for supporting various binary code analysis tasks in information security.

IDA_scripts

A collection of Python scripts that automate tasks and extend IDA Pro disassembler functionality for reverse engineering workflows.

CFR

Java decompiler for modern Java features up to Java 14.

OllyDbg v1.10

A 32-bit assembler level analyzing debugger for Microsoft Windows.

Rizin

A reverse engineering framework with a focus on usability and code cleanliness

ReversingLabs Spectra Analyze

Malware analysis platform for SOC teams with binary analysis and threat detection

Joe Security Products

Suite of cloud & on-prem malware/phishing analysis tools for multiple OSes.

Joe Sandbox ML

ML plugin for Joe Sandbox Cloud detecting malicious files via deep learning.

Unknown Cyber Magic™

AI-powered malware analysis & threat research platform with chat interface.

Shellcode2PE

A Python script that converts shellcode into a PE32 or PE32+ file.

Mastiff

A static analysis framework for extracting key characteristics from various file formats

Viper

A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.

floss

A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.

strings

A command-line utility for extracting human-readable text from binary files.