Binary Analysis

Binary analysis tool providing file summaries and security assessments

A device security analysis platform that provides comprehensive vulnerability scanning, SBOM management, and supply chain security monitoring for connected devices and their components.

A software supply chain security platform that analyzes binaries and software components to detect malware, vulnerabilities, exposed secrets, and tampering throughout the development lifecycle.

DerScanner is a comprehensive application security testing platform that combines SAST, DAST, MAST, SCA, and Binary Analysis capabilities with support for on-premises deployment and CI/CD integration.

A binary analysis platform for analyzing binary programs

A powerful reverse engineering framework

A reverse engineering framework with a focus on usability and code cleanliness

An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.

A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.

A malware/botnet analysis framework with a focus on network analysis and process comparison.

ConventionEngine is a Yara rule collection that analyzes PE files by examining PDB paths for suspicious keywords, terms, and anomalies that may indicate malicious software.

Embeddable Yara library for Java with support for loading rules and scanning data.

Dynamic binary analysis library with various analysis and emulation capabilities.

Pwndbg is a GDB plug-in that enhances the debugging experience for low-level software developers, hardware hackers, reverse-engineers, and exploit developers.

A non-commercial wargame site offering pwn challenges related to system exploitation with different difficulty levels.

An IDAPython script that generates YARA rules for basic blocks of the current function in IDA Pro, with automatic masking of relocation bytes and optional validation against file segments.

Binsequencer automatically generates YARA detection rules by analyzing collections of similar malware samples and identifying common x86 instruction sequences across the corpus.

A malware processing and analytics tool that utilizes Pig, Django, and Elasticsearch to analyze and visualize malware data.

Boston Key Party CTF 2013 - cybersecurity competition with challenges in various domains.

SigThief extracts digital signatures from signed PE files and appends them to other files to create invalid signatures for testing Anti-Virus detection mechanisms.

angr is a Python-based binary analysis framework that provides disassembly, symbolic execution, and program analysis capabilities for cross-platform binary examination.

Ropper is a multi-architecture binary analysis tool that searches for ROP gadgets and displays information about executable files for exploit development.

Ghidra is an NSA-developed software reverse engineering framework that provides disassembly, decompilation, and analysis tools for examining compiled code across multiple platforms and processor architectures.

Generate Yara rules from function basic blocks in x64dbg.