Boomerang Decompiler
This is a fork of Boomerang, a general, open source (BSD licensed) machine code decompiler. Boomerang currently supports: architectures: x86 (IA-32 only), PPC, ST20 file formats: ELF, PE, DOS MZ, DOS/4GW LE, Mach-O high-level language output: C. Although there are pre-compiled packages available for release versions (master branch), it is currently recommended to build the development version (develop branch) of the decompiler from source. Building: Build status Test Coverage develop master Building prerequisites: - A 64 bit operating system (32 bit might or might not work, but it is not supported.) - A C++17 compiler (GCC 7+, Clang 6+, MSVC 2017+ are known to work) - CMake 3.13+ - Qt5 (Qt 5.12+ is known to work, earlier versions should also work) - Capstone 4.0.1+ - GNU bison 3.3+ - GNU flex 2.6+ - CCache 3.2+ (optional, for recompilation speed) - Doxygen 1.8+ (optional, for documentation) - Python 3 (optional, for regression tests) Building on Linux: On a Linux system you can build and install Boomerang with the usual cmake-make-make-install procedure. On a Debian-compatible system (e.g. Ubuntu) these commands will clone, build and install Boomerang: sudo apt-get install git build-e
FEATURES
ALTERNATIVES
A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.
A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.
A tool for malware analysts to search through base64-encoded samples and generate yara rules.
Automates the process of preparing Android APK files for HTTPS inspection
Holistic malware analysis platform with interactive sandbox, static analyzer, and emulation capabilities.
Guide on emulating Raspberry Pi with QEMU and exploring Arm TrustZone research.
A collection of reverse engineering challenges covering a wide range of topics and difficulty levels.
PINNED
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.