Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Support
Quality
Security
License
Reuse
Interactive CTF Exploration Tool
Support
Quality
Security
License
Reuse
Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU
Support
Quality
Security
License
Reuse
The World's First Universal Mod Loader for Unity Games compatible with both Il2Cpp and Mono
Support
Quality
Security
License
Reuse
Decompilation of Pokémon Emerald
Support
Quality
Security
License
Reuse
OFRAK: unpack, modify, and repack binaries.
Support
Quality
Security
License
Reuse
This project has been moved to:
Support
Quality
Security
License
Reuse
rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
Support
Quality
Security
License
Reuse
Hook Framework for Android/IOS/Linux/MacOS
Support
Quality
Security
License
Reuse
Windows tool for dumping malware PE files from memory back to disk for analysis.
Support
Quality
Security
License
Reuse
A libre cross-platform disassembler.
Support
Quality
Security
License
Reuse
The OpenSource Disassembler
Support
Quality
Security
License
Reuse
CobaltStrike's source code
Support
Quality
Security
License
Reuse
BARF : A multiplatform open source Binary Analysis and Reverse engineering Framework
Support
Quality
Security
License
Reuse
Obfuscate Go binaries and packages
Support
Quality
Security
License
Reuse
The decompilation engine of JustDecompile
Support
Quality
Security
License
Reuse
Multi-architecture assembler for IDA Pro. Powered by Keystone Engine.
Support
Quality
Security
License
Reuse
Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall to dump in-memory PE files and reconstruct imports.
Support
Quality
Security
License
Reuse
Tools, tips, tricks, and more for exploring ICS Security.
Support
Quality
Security
License
Reuse
Squalr Memory Editor - Game Hacking Tool Written in C#
Support
Quality
Security
License
Reuse
Welcome Coordinator for Android
Support
Quality
Security
License
Reuse
C++17, x86/x64 Hooking Libary v2.0
Support
Quality
Security
License
Reuse
Android Dynamic Binary Instrumentation Toolkit
Support
Quality
Security
License
Reuse
Decompilation of The Legend of Zelda: Breath of the Wild (Switch 1.5.0)
Support
Quality
Security
License
Reuse
PCem
Support
Quality
Security
License
Reuse
A Frida based tool that traces usage of the JNI API in Android apps.
Support
Quality
Security
License
Reuse
IDAPython tool for creating automatic C++ virtual tables in IDA Pro
Support
Quality
Security
License
Reuse
Reverse engineered Linux driver for the FacetimeHD (Broadcom 1570) PCIe webcam
Support
Quality
Security
License
Reuse
ELF file viewer/editor for Windows, Linux and MacOS.
Support
Quality
Security
License
Reuse
Frida hook some jni functions
Support
Quality
Security
License
Reuse
Work-in-progress tool to reverse unity's IL2CPP toolchain.
Support
Quality
Security
License
Reuse
iOS Reverse Engineering
Support
Quality
Security
License
Reuse
Binary instrumentation framework based on FRIDA
Support
Quality
Security
License
Reuse
Flutter Reverse Engineering Framework
Support
Quality
Security
License
Reuse
Flutter Reverse Engineering Framework
Support
Quality
Security
License
Reuse
An open source interactive disassembler
Support
Quality
Security
License
Reuse
Radare2 and Frida better together.
Support
Quality
Security
License
Reuse
Full featured multi arch/os debugger built on top of PyQt5 and frida
Support
Quality
Security
License
Reuse
A VBA parser and emulation engine to analyze malicious macros.
Support
Quality
Security
License
Reuse
Microsoft.Diagnostics.Runtime is a set of APIs for introspecting processes and dumps.
Support
Quality
Security
License
Reuse
[Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Support
Quality
Security
License
Reuse
Superfast Genshin Impact artifacts scanner
Support
Quality
Security
License
Reuse
A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)
Support
Quality
Security
License
Reuse
Obfuscate specific windows apis with different apis
Support
Quality
Security
License
Reuse
DRAKVUF Black-box Binary Analysis
Support
Quality
Security
License
Reuse
Driver 2 Playstation game reverse engineering effort
Support
Quality
Security
License
Reuse
Dumping processes using the power of kernel space !
Support
Quality
Security
License
Reuse
Support
Quality
Security
License
Reuse
🕵️ Tool to reverse-engineer Protocol Buffers with unknown definition
Support
Quality
Security
License
Reuse
Include binary files in C/C++
Support
Quality
Security
License
Reuse
h
hollows_hunterby hasherezade
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
C
1616Updated: 2 y ago License: Permissive (BSD-2-Clause)
1616Updated: 2 y ago License: Permissive (BSD-2-Clause)Support
Quality
Security
License
Reuse
c
ctftoolby taviso
Interactive CTF Exploration Tool
C 1611Updated: 2 y ago License: Permissive (Apache-2.0)
1611Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
p
pyreboxby Cisco-Talos
Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU
C 1601Updated: 2 y ago License: Strong Copyleft (GPL-2.0)
1601Updated: 2 y ago License: Strong Copyleft (GPL-2.0)Support
Quality
Security
License
Reuse
M
MelonLoaderby LavaGang
The World's First Universal Mod Loader for Unity Games compatible with both Il2Cpp and Mono
C# 1596Updated: 2 y ago License: Permissive (Apache-2.0)
1596Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
p
pokeemeraldby pret
Decompilation of Pokémon Emerald
C 1594Updated: 2 y ago
License: No License (No License)
1594Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
o
ofrakby redballoonsecurity
OFRAK: unpack, modify, and repack binaries.
Python 1577Updated: 2 y ago License: Proprietary (Proprietary)
1577Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
i
iaitoby hteso
This project has been moved to:
C++ 1489Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1489Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
r
rpby 0vercl0k
rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
C++ 1488Updated: 2 y ago License: Permissive (MIT)
1488Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
w
whaleby asLody
Hook Framework for Android/IOS/Linux/MacOS
C++ 1454Updated: 2 y ago License: Permissive (Apache-2.0)
1454Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
P
Process-Dumpby glmcdona
Windows tool for dumping malware PE files from memory back to disk for analysis.
C 1414Updated: 2 y ago License: Permissive (MIT)
1414Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
p
panopticonby das-labor
A libre cross-platform disassembler.
Rust 1405Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1405Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
R
REDasmby REDasmOrg
The OpenSource Disassembler
C++ 1381Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1381Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
C
CobaltStrikeby Freakboy
CobaltStrike's source code
Java 1373Updated: 4 y ago License: No License (No License)
1373Updated: 4 y ago License: No License (No License)Support
Quality
Security
License
Reuse
b
barf-projectby programa-stic
BARF : A multiplatform open source Binary Analysis and Reverse engineering Framework
Python 1357Updated: 2 y ago License: Permissive (BSD-2-Clause)
1357Updated: 2 y ago License: Permissive (BSD-2-Clause)Support
Quality
Security
License
Reuse
g
gobfuscateby unixpickle
Obfuscate Go binaries and packages
Go 1327Updated: 2 y ago License: Permissive (BSD-2-Clause)
1327Updated: 2 y ago License: Permissive (BSD-2-Clause)Support
Quality
Security
License
Reuse
J
JustDecompileEngineby telerik
The decompilation engine of JustDecompile
C# 1311Updated: 2 y ago License: Proprietary (Proprietary)
1311Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
k
keypatchby keystone-engine
Multi-architecture assembler for IDA Pro. Powered by Keystone Engine.
Python 1289Updated: 2 y ago License: Strong Copyleft (GPL-2.0)
1289Updated: 2 y ago License: Strong Copyleft (GPL-2.0)Support
Quality
Security
License
Reuse
p
pe_treeby blackberry
Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall to dump in-memory PE files and reconstruct imports.
Python 1264Updated: 2 y ago License: Permissive (Apache-2.0)
1264Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
I
ICS-Security-Toolsby ITI
Tools, tips, tricks, and more for exploring ICS Security.
HTML 1255Updated: 2 y ago License: Permissive (CC-BY-4.0)
1255Updated: 2 y ago License: Permissive (CC-BY-4.0)Support
Quality
Security
License
Reuse
S
Squalrby Squalr
Squalr Memory Editor - Game Hacking Tool Written in C#
C# 1251Updated: 2 y ago License: No License (No License)
1251Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
w
welcome-coordinatorby txusballesteros
Welcome Coordinator for Android
Java 1250Updated: 2 y ago License: Permissive (Apache-2.0)
1250Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
P
PolyHook_2_0by stevemk14ebr
C++17, x86/x64 Hooking Libary v2.0
C++ 1225Updated: 2 y ago License: Permissive (MIT)
1225Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
a
adbiby crmulliner
Android Dynamic Binary Instrumentation Toolkit
C 1224Updated: 2 y ago License: No License (No License)
1224Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
b
botwby zeldaret
Decompilation of The Legend of Zelda: Breath of the Wild (Switch 1.5.0)
C++ 1207Updated: 2 y ago License: No License (No License)
1207Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
p
Support
Quality
Security
License
Reuse
j
jnitraceby chame1eon
A Frida based tool that traces usage of the JNI API in Android apps.
TypeScript 1175Updated: 2 y ago License: Permissive (MIT)
1175Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
V
Virtuailorby 0xgalz
IDAPython tool for creating automatic C++ virtual tables in IDA Pro
Python 1123Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1123Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
b
bcwc_pcieby patjak
Reverse engineered Linux driver for the FacetimeHD (Broadcom 1570) PCIe webcam
C 1122Updated: 4 y ago License: No License (No License)
1122Updated: 4 y ago License: No License (No License)Support
Quality
Security
License
Reuse
X
XELFViewerby horsicq
ELF file viewer/editor for Windows, Linux and MacOS.
C++ 1089Updated: 2 y ago License: Permissive (MIT)
1089Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
f
frida_hook_libartby lasting-yang
Frida hook some jni functions
JavaScript 1064Updated: 2 y ago License: Permissive (MIT)
1064Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
C
Cpp2ILby SamboyCoding
Work-in-progress tool to reverse unity's IL2CPP toolchain.
C# 1057Updated: 2 y ago License: Permissive (MIT)
1057Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
i
Support
Quality
Security
License
Reuse
m
medusaby Ch0pin
Binary instrumentation framework based on FRIDA
Python 1027Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1027Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
r
reFlutterby Impact-I
Flutter Reverse Engineering Framework
Python 1014Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1014Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
r
reFlutterby ptswarm
Flutter Reverse Engineering Framework
Python 1013Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1013Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
m
medusaby wisk
An open source interactive disassembler
C++ 955Updated: 4 y ago License: Proprietary (Proprietary)
955Updated: 4 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
r
r2fridaby nowsecure
Radare2 and Frida better together.
TypeScript 953Updated: 2 y ago License: Permissive (MIT)
953Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
D
Dwarfby iGio90
Full featured multi arch/os debugger built on top of PyQt5 and frida
Python 951Updated: 4 y ago License: Strong Copyleft (GPL-3.0)
951Updated: 4 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
V
ViperMonkeyby decalage2
A VBA parser and emulation engine to analyze malicious macros.
Python 950Updated: 2 y ago License: No License (No License)
950Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
c
clrmdby microsoft
Microsoft.Diagnostics.Runtime is a set of APIs for introspecting processes and dumps.
C# 949Updated: 2 y ago License: Permissive (MIT)
949Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
d
dexcaliburby FrenchYeti
[Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
JavaScript 938Updated: 2 y ago License: Permissive (Apache-2.0)
938Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
y
yasby wormtql
Superfast Genshin Impact artifacts scanner
Rust 938Updated: 2 y ago License: No License (No License)
938Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
v
vmlinux-to-elfby marin-m
A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)
Python 926Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
926Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
C
CallObfuscatorby d35ha
Obfuscate specific windows apis with different apis
C++ 906Updated: 2 y ago License: No License (No License)
906Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
d
drakvufby tklengyel
DRAKVUF Black-box Binary Analysis
C++ 897Updated: 2 y ago License: Proprietary (Proprietary)
897Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
R
REDRIVER2by OpenDriver2
Driver 2 Playstation game reverse engineering effort
C 863Updated: 2 y ago License: Permissive (MIT)
863Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
K
KsDumperby EquiFox
Dumping processes using the power of kernel space !
C# 830Updated: 2 y ago License: Permissive (MIT)
830Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
v
vivisectby vivisect
Python 818Updated: 2 y ago License: Permissive (Apache-2.0)
818Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
p
protobuf-inspectorby mildsunrise
🕵️ Tool to reverse-engineer Protocol Buffers with unknown definition
Python 811Updated: 2 y ago License: Permissive (ISC)
811Updated: 2 y ago License: Permissive (ISC)Support
Quality
Security
License
Reuse
i
incbinby graphitemaster
Include binary files in C/C++
C 800Updated: 2 y ago License: Permissive (Unlicense)
800Updated: 2 y ago License: Permissive (Unlicense)Support
Quality
Security
License
Reuse