Skip to content

Reverse Engineering Tools

Ofrak

  • Website

  • Open-source framework for analyzing malware and other files

  • Supports various file formats including PE, ELF, and Mach-O
  • Offers a web-based interface for interactive analysis
  • Provides a RESTful API for integration with other tools
  • Allows the creation of custom plugins for advanced analysis

Rada

  • Website

  • Free and open-source binary analysis tool

  • Supports various architectures including x86, ARM, and MIPS
  • Offers a command-line interface for static analysis and disassembly
  • Provides advanced features for function identification and cross-referencing
  • Allows the creation of custom scripts using the Python API

Capstone Engine

  • Website

  • Open-source multi-platform disassembly framework

  • Supports various architectures including x86, ARM, PowerPC, and MIPS
  • Offers a simple and easy-to-use API for disassembling and analyzing binary code
  • Provides advanced features for instruction decoding and analysis
  • Allows the creation of custom tools and plugins using the API

Ghidra

  • Website

  • Free and open-source software reverse engineering framework developed by the National Security Agency (NSA)

  • Supports various architectures including x86, ARM, and MIPS
  • Offers a graphical user interface for disassembly, decompilation, and analysis
  • Provides advanced features for scripting and automation using the Python API
  • Allows the creation of custom plugins and modules for advanced analysis and functionality

DynamoRIO

  • Website

  • Dynamic instrumentation tool for analyzing and modifying software at runtime

  • Supports various platforms including Windows, Linux, and macOS
  • Offers a low-overhead, efficient API for tracing, profiling, and debugging applications
  • Provides advanced features for code injection, instrumentation, and analysis
  • Allows the creation of custom clients and plugins using the API

Triton

  • Website

  • Dynamic binary analysis (DBA) framework

  • Supports various architectures including x86, ARM, and AArch64
  • Offers a Python API for disassembly, symbolic execution, and SMT solving
  • Provides advanced features for program analysis, debugging, and vulnerability discovery
  • Allows the creation of custom tools and plugins using the API

Frida

  • Website
  • Documentation

  • Learn Frida

  • Dynamic instrumentation tool for debugging and analyzing software at runtime

  • Supports various platforms including Windows, Linux, macOS, iOS, and Android
  • Offers a JavaScript API for injecting code and interacting with the target process
  • Provides advanced features for function tracing, hooking, and interception
  • Allows the creation of custom scripts and plugins using the API

Dyninst

Last update: 2023-03-30