Binary Analysis
Explore 67 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
LATEST ADDITIONS
DerScanner is a comprehensive application security testing platform that combines SAST, DAST, MAST, SCA, and Binary Analysis capabilities with support for on-premises deployment and CI/CD integration.
A binary analysis platform for analyzing binary programs
A powerful reverse engineering framework
A reverse engineering framework with a focus on usability and code cleanliness
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.
A malware/botnet analysis framework with a focus on network analysis and process comparison.
Embeddable Yara library for Java with support for loading rules and scanning data.
Dynamic binary analysis library with various analysis and emulation capabilities.
Pwndbg is a GDB plug-in that enhances the debugging experience for low-level software developers, hardware hackers, reverse-engineers, and exploit developers.
A non-commercial wargame site offering pwn challenges related to system exploitation with different difficulty levels.
Generates a YARA rule to match basic blocks of the current function in IDA Pro
A malware processing and analytics tool that utilizes Pig, Django, and Elasticsearch to analyze and visualize malware data.
Boston Key Party CTF 2013 - cybersecurity competition with challenges in various domains.
angr is a Python 3 library for binary analysis with various capabilities like symbolic execution and decompilation.
Generate Yara rules from function basic blocks in x64dbg.
BARF is an open source binary analysis framework for supporting various binary code analysis tasks in information security.
RTA provides a framework of scripts for blue teams to test detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK.
A minimal library to generate YARA rules from JAVA with maven support.
PLASMA is an interactive disassembler with support for various architectures and formats, offering a Python API for scripting.
A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.
Visually inspect regex matches in binary data/text with YARA and regular expressions, displaying matched bytes and surrounding context.
Andromeda makes reverse engineering of Android applications faster and easier.
Tool for visualizing correspondences between YARA ruleset and samples
Docker file for building Androguard dependencies with an optional interactive shell environment.
Automate the process of writing YARA rules based on executable code within malware.
A .Net wrapper library for the native Yara library with interoperability and portability features.
A collection of reverse engineering challenges covering a wide range of topics and difficulty levels.
Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.
Yabin creates Yara signatures from malware to find similar samples.
cwe_checker is a suite of checks to detect common bug classes in ELF binaries using Ghidra for firmware analysis.
A 32-bit assembler level analyzing debugger for Microsoft Windows.
A disassembly framework with support for multiple hardware architectures and clean API.
Automatic YARA rule generation for malware repositories.
A YARA interactive debugger for the YARA language written in Rust, providing features like function calls, constant evaluation, and string matching.
YARA module for supporting DCSO format bloom filters with hashlookup capabilities.
Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.
YARA is a tool for identifying and classifying malware samples based on textual or binary patterns.
Frontpage of the IO wargame with various versions and connection details.
Search gadgets on binaries to facilitate ROP exploitation.
dynStruct is a tool for monitoring memory accesses of an ELF binary and recovering structures of the original code.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.
A tool for building and installing PhoneyC with optional Python version configuration and root privileges.
A full python tool for analyzing Android files with various functionalities.
A new age tool for binary analysis that uses statistical visualizations to help find patterns in large amounts of binary data.
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
A collection of setup scripts for various security research tools with installers for tools like afl, angr, barf, and more.
Official repository of YARA rules for threat detection and hunting
iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.
FARA is a repository of purposefully erroneous Yara rules for training security analysts.
A collection of Yara signatures for identifying malware and other threats
Standalone graphical utility for viewing Java source codes from ".class" files.
Inspeckage is a dynamic analysis tool for Android applications offering insights into app behavior and real-time monitoring capabilities.
A backend agnostic debugger frontend for debugging binaries without source code access.
Python 3 tool for parsing Yara rules with ongoing development.
A library for running basic functions from stripped binaries cross platform.
A security oriented, feedback-driven, evolutionary, easy-to-use fuzzer with interesting analysis options.
Leading open source automated malware analysis system.
A collaborative malware analysis framework with various features for automated analysis tasks.
Fernflower is an analytical decompiler for Java with command-line options and support for external classes.
Binary analysis and management framework for organizing malware and exploit samples.
Repository of TRISIS/TRITON/HatMan malware samples and decompiled sources targeting ICS Triconex SIS controllers.
Use FindYara, an IDA python plugin, to scan your binary with yara rules and quickly jump to matches.