Binary Analysis
Browse 132 binary analysis tools
FEATURED
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
A collection of setup scripts for various security research tools with installers for tools like afl, angr, barf, and more.
A collection of setup scripts for various security research tools with installers for tools like afl, angr, barf, and more.
A Python wrapper for the Libemu library that enables shellcode analysis and malicious code examination through programmatic interfaces.
A Python wrapper for the Libemu library that enables shellcode analysis and malicious code examination through programmatic interfaces.
Official repository of YARA rules for threat detection and hunting
Official repository of YARA rules for threat detection and hunting
A static analysis tool for PE files that identifies potential malicious indicators through compiler detection, packing analysis, signature matching, and suspicious string identification.
A static analysis tool for PE files that identifies potential malicious indicators through compiler detection, packing analysis, signature matching, and suspicious string identification.
A Windows context menu integration tool that scans files and folders for malware patterns, crypto signatures, and malicious documents using Yara rules and PEID signatures.
A Windows context menu integration tool that scans files and folders for malware patterns, crypto signatures, and malicious documents using Yara rules and PEID signatures.
A collection of YARA rules specifically designed for forensic investigations and malware analysis, providing pattern matching capabilities for files and memory dumps.
A collection of YARA rules specifically designed for forensic investigations and malware analysis, providing pattern matching capabilities for files and memory dumps.
A collection of Python scripts that automate tasks and extend IDA Pro disassembler functionality for reverse engineering workflows.
A collection of Python scripts that automate tasks and extend IDA Pro disassembler functionality for reverse engineering workflows.
VolatilityBot automates memory dump analysis by extracting executables, detecting code injections, and performing automated malware scanning using YARA and ClamAV.
VolatilityBot automates memory dump analysis by extracting executables, detecting code injections, and performing automated malware scanning using YARA and ClamAV.
A bash script that analyzes executable files to check security properties like PIE, RELRO, canaries, ASLR, and Fortify Source protections.
A bash script that analyzes executable files to check security properties like PIE, RELRO, canaries, ASLR, and Fortify Source protections.
Redexer is a reengineering tool that parses, analyzes, and modifies Android DEX files for binary manipulation and permission analysis.
Redexer is a reengineering tool that parses, analyzes, and modifies Android DEX files for binary manipulation and permission analysis.
iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.
iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.
StringSifter is a machine learning tool that automatically ranks strings extracted from malware samples based on their relevance for analysis.
StringSifter is a machine learning tool that automatically ranks strings extracted from malware samples based on their relevance for analysis.
A collection of Yara signatures for identifying malware and other threats
A collection of Yara signatures for identifying malware and other threats
A Java bytecode assembler and disassembler toolkit that converts classfiles to human-readable format and provides decompilation capabilities for reverse engineering Java applications.
A Java bytecode assembler and disassembler toolkit that converts classfiles to human-readable format and provides decompilation capabilities for reverse engineering Java applications.
JD-GUI is a graphical Java decompiler that reconstructs and displays source code from compiled ".class" files for reverse engineering and code analysis purposes.
JD-GUI is a graphical Java decompiler that reconstructs and displays source code from compiled ".class" files for reverse engineering and code analysis purposes.
A backend agnostic debugger frontend for debugging binaries without source code access.
A backend agnostic debugger frontend for debugging binaries without source code access.
A Python script for scanning data within an IDB using Yara
A Python script for scanning data within an IDB using Yara
Python 3 tool for parsing Yara rules with ongoing development.
Python 3 tool for parsing Yara rules with ongoing development.
RetDec is an LLVM-based decompiler that converts machine code from various architectures and file formats back into readable C-like source code for reverse engineering and malware analysis.
RetDec is an LLVM-based decompiler that converts machine code from various architectures and file formats back into readable C-like source code for reverse engineering and malware analysis.
A C library that enables cross-platform execution of functions from stripped binaries using file names, offsets, and function signatures.
A C library that enables cross-platform execution of functions from stripped binaries using file names, offsets, and function signatures.
CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.
CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.
A declarative language for describing binary data structures that compiles into parsers for multiple programming languages.
A declarative language for describing binary data structures that compiles into parsers for multiple programming languages.
