Reverse Engineering

APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.

A 32-bit assembler level analyzing debugger for Microsoft Windows.

A disassembly framework with support for multiple hardware architectures and clean API.

Educational repository containing RPISEC's course materials for teaching modern binary exploitation, vulnerability research, and reverse engineering at Rensselaer Polytechnic Institute.

PEDA is a Python extension for GDB that enhances debugging with colorized displays and specialized commands for exploit development and binary security analysis.

An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.

A comprehensive guide to reverse engineering by Dennis Yurichev, available for free download in multiple languages and formats, with praise from cybersecurity experts.

FLARE-VM is a Windows virtual machine setup tool that automates the installation and configuration of reverse engineering and malware analysis software using Chocolatey and Boxstarter technologies.

PINCE is a front-end/reverse engineering tool for the GNU Project Debugger (GDB), focused on games, with CheatEngine-like value type support and memory searching capabilities.

OneGadget is a CTF-focused tool that uses symbolic execution to find RCE gadgets in binaries that can execute shell commands through execve('/bin/sh', NULL, NULL).

A YARA interactive debugger for the YARA language written in Rust, providing features like function calls, constant evaluation, and string matching.

A web-based Android application dynamic analysis tool that provides real-time Frida instrumentation capabilities through a Flask interface with modular JavaScript hooking support.

A Capture The Flag (CTF) platform for testing computer security skills

A tutorial on setting up a virtual ARM environment, reversing ARM binaries, and writing basic exploits for ARM using the trafman challenge of rwthCTF as an example.

Recorded talks from the Hardwear.io Conference 2018 covering various hardware security topics.

A de-obfuscator for M/o/Vfuscator, a notorious obfuscator, designed to reverse the effects of M/o/Vfuscator's obfuscation.

ROPgadget is a cross-platform command-line tool that searches for ROP gadgets in binary files across multiple architectures to facilitate exploit development and ROP chain construction.

A debugger tool for reverse engineers, crackers, and security analysts, with a user-friendly debugging UI and custom agent support.

edb is a powerful debugger for Linux binaries, enhancing reverse engineering efforts with a user-friendly interface and extensible plugins.

An IDA Pro plugin that uses YARA rules to automatically detect cryptographic constants and patterns in binary files during reverse engineering analysis.

FSF is a modular, recursive file scanning solution that enables analysts to extend the utility of Yara signatures and define actionable intelligence within a file.

A command-line tool for analyzing and extracting detailed information from Windows Portable Executable (PE) files.

A command-line tool that parses Google Protobuf encoded data without schema definitions and displays the content in a readable, colored format.

Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.