Boomerang Decompiler
This is a fork of Boomerang, a general, open source (BSD licensed) machine code decompiler. Boomerang currently supports: architectures: x86 (IA-32 only), PPC, ST20 file formats: ELF, PE, DOS MZ, DOS/4GW LE, Mach-O high-level language output: C. Although there are pre-compiled packages available for release versions (master branch), it is currently recommended to build the development version (develop branch) of the decompiler from source. Building: Build status Test Coverage develop master Building prerequisites: - A 64 bit operating system (32 bit might or might not work, but it is not supported.) - A C++17 compiler (GCC 7+, Clang 6+, MSVC 2017+ are known to work) - CMake 3.13+ - Qt5 (Qt 5.12+ is known to work, earlier versions should also work) - Capstone 4.0.1+ - GNU bison 3.3+ - GNU flex 2.6+ - CCache 3.2+ (optional, for recompilation speed) - Doxygen 1.8+ (optional, for documentation) - Python 3 (optional, for regression tests) Building on Linux: On a Linux system you can build and install Boomerang with the usual cmake-make-make-install procedure. On a Debian-compatible system (e.g. Ubuntu) these commands will clone, build and install Boomerang: sudo apt-get install git build-e
FEATURES
ALTERNATIVES
A Go library for manipulating YARA rulesets with the ability to programatically change metadata, rule names, and more.
A tool to locally check for signs of a rootkit with various checks and tests.
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
Generates a YARA rule to match basic blocks of the current function in IDA Pro
Repository of scripts, signatures, and IOCs related to various malware analysis topics.
Ropper is a tool for analyzing binary files and searching for gadgets to build rop chains for different architectures.
A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.
A detailed analysis of malicious packages and how they work
PINNED
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.