Boomerang Decompiler
This is a fork of Boomerang, a general, open source (BSD licensed) machine code decompiler. Boomerang currently supports: architectures: x86 (IA-32 only), PPC, ST20 file formats: ELF, PE, DOS MZ, DOS/4GW LE, Mach-O high-level language output: C. Although there are pre-compiled packages available for release versions (master branch), it is currently recommended to build the development version (develop branch) of the decompiler from source. Building: Build status Test Coverage develop master Building prerequisites: - A 64 bit operating system (32 bit might or might not work, but it is not supported.) - A C++17 compiler (GCC 7+, Clang 6+, MSVC 2017+ are known to work) - CMake 3.13+ - Qt5 (Qt 5.12+ is known to work, earlier versions should also work) - Capstone 4.0.1+ - GNU bison 3.3+ - GNU flex 2.6+ - CCache 3.2+ (optional, for recompilation speed) - Doxygen 1.8+ (optional, for documentation) - Python 3 (optional, for regression tests) Building on Linux: On a Linux system you can build and install Boomerang with the usual cmake-make-make-install procedure. On a Debian-compatible system (e.g. Ubuntu) these commands will clone, build and install Boomerang: sudo apt-get install git build-e
FEATURES
ALTERNATIVES
A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.
A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence
Dynamic binary analysis library with various analysis and emulation capabilities.
Repository of YARA rules for Trellix ATR blogposts and investigations
Kaitai Struct is a declarative language for describing binary data structures.
A tool for signature analysis of RTF files to detect potentially unique parts and malicious documents.
A collection of YARA rules for public use, built from intelligence profiles and file work.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.