Top picks: Joe Sandbox DEC, manalyze, RevEng.AI — plus 45 more compared.
Security Operationsreadpe is a free tool. Security professionals most commonly compare it with . All 48 alternatives are matched by shared capabilities, tags, and NIST CSF 2.0 coverage.
A closer look at the 8 most relevant alternatives and competitors to readpe, including their key features and shared capabilities.
Plugin that decompiles malware PE files into readable C code using hybrid analysis.
Shares 4 capabilities with readpe: Pe File, Reverse Engineering, Binary Analysis, Windows
A static analysis tool for PE files that identifies potential malicious indicators through compiler detection, packing analysis, signature matching, and suspicious string identification.
Shares 4 capabilities with readpe: Pe File, Reverse Engineering, Binary Analysis, Executable Analysis
AI-powered binary analysis platform for reverse engineering & malware analysis.
Shares 3 capabilities with readpe: Reverse Engineering, Binary Analysis, Executable Analysis
A Windows context menu integration tool that scans files and folders for malware patterns, crypto signatures, and malicious documents using Yara rules and PEID signatures.
Shares 3 capabilities with readpe: Binary Analysis, File Analysis, Windows
CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.
Shares 3 capabilities with readpe: Pe File, Binary Analysis, Executable Analysis
wxHexEditor is a free cross-platform hex editor and disk editor for editing binary files, disk devices, and logical drives with data manipulation and checksum calculation features.
Shares 3 capabilities with readpe: Binary Analysis, File Analysis, Windows
PLASMA is an interactive disassembler that generates readable assembly code with colored syntax for reverse engineering binary files across multiple architectures and formats.
Shares 3 capabilities with readpe: Pe File, Reverse Engineering, Binary Analysis
Binkit is a binary analysis tool that merged with DarunGrim and incorporates its analysis algorithms, currently in internal testing before official release.
Shares 3 capabilities with readpe: Reverse Engineering, Binary Analysis, Executable Analysis
Plugin that decompiles malware PE files into readable C code using hybrid analysis.
A static analysis tool for PE files that identifies potential malicious indicators through compiler detection, packing analysis, signature matching, and suspicious string identification.
AI-powered binary analysis platform for reverse engineering & malware analysis.
A Windows context menu integration tool that scans files and folders for malware patterns, crypto signatures, and malicious documents using Yara rules and PEID signatures.
CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.
wxHexEditor is a free cross-platform hex editor and disk editor for editing binary files, disk devices, and logical drives with data manipulation and checksum calculation features.
PLASMA is an interactive disassembler that generates readable assembly code with colored syntax for reverse engineering binary files across multiple architectures and formats.
Binkit is a binary analysis tool that merged with DarunGrim and incorporates its analysis algorithms, currently in internal testing before official release.
Java decompiler for modern Java features up to Java 14.
Malware analysis platform for SOC teams with binary analysis and threat detection
Agentic AI tool for automated malware reverse engineering & phishing analysis.
FIM and config change monitoring tool with baseline deviation detection.
AI-powered malware analysis & threat research platform with chat interface.
An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques.
Binwalk is a firmware analysis tool that enables reverse engineering and extraction of embedded file systems and archives from firmware images.
Fast disassembler producing reassemblable assembly code using Datalog
HexPrism is a fast, privacy-first hex editor built for CTFs and digital forensics.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
A static analysis framework for extracting key characteristics from various file formats
A library for accessing and parsing Extensible Storage Engine (ESE) Database Files used by Microsoft applications like Windows Search, Exchange, and Active Directory for forensic analysis purposes.
A command-line utility for extracting human-readable text from binary files.
edb is a powerful debugger for Linux binaries, enhancing reverse engineering efforts with a user-friendly interface and extensible plugins.
A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.
A .NET assembly debugger and editor that enables reverse engineering and dynamic analysis of compiled .NET applications without source code access.
FSF is a modular, recursive file scanning solution that enables analysts to extend the utility of Yara signatures and define actionable intelligence within a file.
A command-line string extraction utility for digital forensics that supports ASCII and Unicode string extraction from files and directories with pattern matching and filtering capabilities.
Dynamic binary analysis library with various analysis and emulation capabilities.
A tool for creating compact Linux memory dumps compatible with popular debugging tools.
Ghidra is an NSA-developed software reverse engineering framework that provides disassembly, decompilation, and analysis tools for examining compiled code across multiple platforms and processor architectures.
Fnord is a pattern extraction tool that analyzes obfuscated code using sliding window techniques to identify frequent byte sequences and generate experimental YARA rules for malware analysis.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
A collection of YARA rules specifically designed for forensic investigations and malware analysis, providing pattern matching capabilities for files and memory dumps.
Tool for analyzing Windows Recycle Bin INFO2 file
A Python script for scanning data within an IDB using Yara
A disassembly framework with support for multiple hardware architectures and clean API.
RetDec is an LLVM-based decompiler that converts machine code from various architectures and file formats back into readable C-like source code for reverse engineering and malware analysis.
A Python wrapper for the Libemu library that enables shellcode analysis and malicious code examination through programmatic interfaces.
A new age tool for binary analysis that uses statistical visualizations to help find patterns in large amounts of binary data.
A C library that enables cross-platform execution of functions from stripped binaries using file names, offsets, and function signatures.
Capa is a malware analysis tool that detects capabilities in executable files by analyzing PE, ELF, .NET modules, shellcode, and sandbox reports to identify potential malicious behaviors with ATT&CK framework mapping.
FLARE-VM is a Windows virtual machine setup tool that automates the installation and configuration of reverse engineering and malware analysis software using Chocolatey and Boxstarter technologies.
A process scanning tool that detects and dumps malicious implants, shellcodes, hooks, and memory patches in running processes.
PINT is a PIN tool that enables Lua scripting for Intel's PIN dynamic instrumentation framework, allowing researchers to inject custom code during binary analysis processes.
A command-line tool that parses Google Protobuf encoded data without schema definitions and displays the content in a readable, colored format.
A declarative language for describing binary data structures that compiles into parsers for multiple programming languages.
FLOSS is a static analysis tool that automatically extracts and deobfuscates hidden strings from malware binaries using advanced analysis techniques.
A command-line tool that visually displays YARA rule matches, regex matches, and hex patterns in binary data with colored output and configurable context bytes.
Common questions security professionals ask when evaluating alternatives and competitors to readpe.
The most popular alternatives to readpe include Joe Sandbox DEC, manalyze, RevEng.AI, Yara Pattern Scanner, and CAPA. These Digital Forensics and Incident Response tools offer similar capabilities and are frequently compared by security professionals evaluating their options.
