17 مستودعات
Utilities for inspecting and decompiling intermediate bytecode formats.
Explore 17 awesome GitHub repositories matching part of an awesome list · Bytecode Analysis Tools. Refine with filters or upvote what's useful.
dnSpy is a specialized toolset for the reverse engineering, analysis, and modification of compiled .NET binaries. It functions as a decompiler that converts assemblies back into readable high-level source code, an assembly editor for modifying bytecode and metadata, and a debugger for inspecting compiled binaries. The project integrates a hex editor specifically for inspecting and modifying raw bytes and Common Intermediate Language structures. It allows for the direct modification of binary contents to change application behavior without requiring the original project source files. The tool
A debugger and .NET assembly editor for bytecode analysis.
dex2jar is an Android dex decompiler and reverse engineering tool designed to convert Dalvik executable bytecode into Java class files. It functions as a bytecode converter that transforms compiled Android binaries into a format compatible with standard Java analysis tools. The project facilitates Android app decompilation and Java bytecode recovery by translating executable files into readable structures. This allows for the analysis of application logic and the identification of security vulnerabilities or malicious behavior during Android malware analysis. The tool performs static bytecod
Parses binary dex files to extract class hierarchies and method signatures through static analysis.
de4dot is a .NET deobfuscator and unpacker designed to reverse obfuscation and restore readable code and metadata within .NET assemblies. It functions as a bytecode analyzer that simplifies control flow, strips anti-debugging protections, and extracts original payloads from packed executable wrappers. The project distinguishes itself through a modular deobfuscation pipeline and a sandbox environment used for dynamic string decryption, which executes decryption methods to replace encrypted strings with plain-text values. It can identify specific obfuscation tools through pattern-based binary a
Analyzes Common Intermediate Language bytecode to simplify control flow and remove junk instructions.
JerryScript is a lightweight, ECMAScript-compliant JavaScript engine and bytecode compiler designed for resource-constrained devices. It serves as an embedded interpreter and IoT scripting runtime, enabling the execution of JavaScript code within native C applications on hardware with limited memory. The project differentiates itself through a focus on low-memory runtime management, utilizing bytecode precompilation and pre-compiled state snapshots to reduce startup time and memory overhead. It features a C-binding native bridge for bidirectional communication between native code and scripts,
Provides the ability to dump generated bytecode into a human-readable format for analysis.
Recaf هي مجموعة من الأدوات المتخصصة لتجميع وتحرير وإلغاء تشويش وتفكيك وتجهيز Java bytecode وعمليات وقت التشغيل. توفر بيئة منسقة لتعديل ملفات فئة Java المجمعة وتحليل سلوك تطبيقات Java. يتميز المشروع بطبقة تجريد متعددة المستويات تسمح بالتحرير عبر تنسيقات مختلفة وإطار عمل قابل للتوصيل يوجه bytecode عبر محركات تفكيك متعددة قابلة للتكوين. يتضمن محرك برمجة نصية مضمن وبنية مكونات إضافية لأتمتة المهام المتكررة وتوسيع سلوك النظام. تغطي مجموعة الأدوات العديد من مجالات القدرات عالية المستوى، بما في ذلك التحليل الساكن للبحث في محتوى التطبيق ومحاكاة حالات تنفيذ الطريقة. كما تدعم تجهيز وقت التشغيل للاتصال بالعمليات الحية وتحويل bytecode المؤتمت لإزالة التشويش وإصلاح ملفات الفئة. يتم دعم التنفيذ بدون واجهة رسومية عبر واجهة سطر أوامر لدمج سير العمل في خطوط أنابيب البناء الخارجية.
Provides a pluggable framework that routes bytecode through multiple interchangeable decompilers.
Smali is a two-way binary translation toolset designed to convert Dalvik bytecode to human-readable assembly and back again. It provides a mechanism for the disassembly and assembly of executable files used in virtual machine environments. The project enables the modification of compiled Android application logic by transforming binary files into editable assembly and rebuilding them. It is used for reverse engineering, malware analysis, and the study of low-level instructions to identify program behavior or security flaws. The toolkit covers binary construction through smali code assembly a
Disassembles Dalvik bytecode into human-readable assembly while preserving annotations and debug information.
Reverse engineering and pentesting for Android applications
Decompiles Dalvik bytecode into human-readable assembly instructions for security analysis.
JPEX Software is a comprehensive reverse engineering suite for SWF binary files, serving as an ActionScript decompiler and editor. It provides a toolkit for decompiling, analyzing, and modifying the internal structure of compiled Flash content, including the extraction of scripts and media assets. The project is distinguished by its ability to perform direct binary modification, allowing users to edit bytecode and replace embedded resources without reverting to high-level source code. It includes a runtime ActionScript bytecode debugger for variable inspection and call stack analysis, as well
Ships a powerful ActionScript decompiler that transforms compiled bytecode back into human-readable source code.
Steamless هي أداة متخصصة مصممة لتجريد أغلفة إدارة الحقوق الرقمية SteamStub من ملفات الألعاب القابلة للتنفيذ. تعمل كأداة فك تشفير وفك حزم تقوم بإزالة طبقات الحماية هذه لاستعادة البيانات الثنائية الخام للتطبيق الأصلي. من خلال إزالة الغلاف الخاص بالمنصة، تستعيد الأداة نقاط الدخول الأصلية وتمكن الملفات القابلة للتنفيذ من العمل دون الحاجة إلى مثيل منصة مصادق عليه. تعد هذه العملية ثنائيات الألعاب للتعديل عن طريق إزالة الطبقات التي تمنع عادةً أدوات الطرف الثالث من الوصول إلى الكود. يستخدم المشروع فك حزم الثنائيات الثابت، والمسح الثنائي الخطي، وتحليل البايت كود القائم على الأنماط لتحديد حدود الحمولة وإعادة بناء هياكل الملفات القابلة للتنفيذ الأصلية.
Utilizes pattern-based bytecode analysis to identify DRM wrapper boundaries within executable files.
This project is a comprehensive Android reverse engineering suite that functions as a decompiler, bytecode deobfuscator, and malware analysis tool. It is designed to convert APK, DEX, and OAT binaries into human-readable source code using a native implementation that does not require a Java Virtual Machine. The platform is distinguished by its integration with Frida for dynamic analysis, allowing users to hook methods, inject custom JavaScript, and dump device memory in real time. It also features specialized security engines, including a taint propagation engine and a stack-state machine, to
Translates Dalvik bytecode into readable source code using a structured algorithm to recover program logic.
Fernflower هو أداة إلغاء تجميع (decompiler) لـ Java bytecode وأداة للهندسة العكسية. يقوم بتحويل ملفات فئة Java المجمعة مرة أخرى إلى كود مصدر Java قابل للقراءة البشرية لإعادة بناء منطق البرنامج الأصلي وأسماء المتغيرات. تعمل الأداة كمعالج bytecode لسطر الأوامر قادر على معالجة أرشيفات Java وملفات الفئات بشكل دفعي. تتعامل تحديداً مع تحليل الكود المشوش (obfuscated) عن طريق إعادة تسمية المعرفات الغامضة وحل تعارضات التسمية لجعل كود المصدر الناتج أسهل في المتابعة. يستخدم النظام التحليل الثابت لتحويل bytecode إلى مصدر، مستفيداً من استخراج معلومات تصحيح الأخطاء لاستعادة أسماء المتغيرات المحلية. يعيد بناء هياكل البرنامج من خلال تحليل رسم بياني لتدفق التحكم، واستنتاج النوع، وتوليد شجرة بناء جملة مجردة (abstract syntax tree).
Functions as a bytecode decompiler that transforms compiled class files back into human-readable Java source code.
python-uncompyle6 is a Python bytecode decompiler and reverse engineering tool designed to convert compiled bytecode files back into human-readable source code. It functions as a source code recoverer and bytecode disassembler, allowing for the analysis of internal program logic and the reconstruction of original language constructs. The tool provides cross-version support, enabling the analysis and recovery of source code from bytecode created across multiple different versions of the Python interpreter. This allows it to operate as a cross-version bytecode analyzer that can interpret varied
Provides the ability to list Python bytecode instructions with flags and operands for manual code analysis.
pycdc is a reverse engineering toolset that decompiles and disassembles compiled Python bytecode files back into readable source code. It parses .pyc file headers, reconstructs abstract syntax trees from bytecode instructions, and handles version-specific opcodes across Python versions 1.0 through 3.13 with endian-aware binary parsing. The tool recovers numeric constants, string literals, and marshalled Python objects from compiled bytecode, supporting both file-based and in-memory bytecode loading. It provides a human-readable disassembly listing of bytecode instructions alongside full sourc
Translate compiled Python bytecode back into readable source code by analyzing and reconstructing the original program structure.
Fernflower is a Java bytecode decompiler designed to convert compiled Java class files back into human-readable source code. It functions as a bytecode analysis tool that recovers original program logic and structure from compiled binaries. The project includes capabilities for obfuscated identifier resolution to rename ambiguous member elements, ensuring clear identifiers in the resulting source. These features support the analysis of obfuscated code, legacy code recovery, and Java malware analysis for security auditing. The system utilizes a structural analysis pipeline that includes contr
Converts compiled Java class files back into readable source code to recover original program logic.
pyinstxtractor is a PyInstaller executable unpacker and Python bytecode recovery tool. It functions as a helper for decompiling compiled Python binaries by extracting bundled binaries and bytecode from executables created with PyInstaller. The project includes a bytecode decryptor to remove encryption from extracted files and a header repair tool that restores corrupted headers. These capabilities ensure that extracted compiled files are compatible with bytecode decompilation software. The utility covers reverse engineering of Python applications, supporting malware analysis workflows throug
Restores missing magic numbers and versioning information to make extracted bytecode compatible with decompilers.
gdsdecomp is a project recovery suite and game engine reverse engineering toolset. It functions as a bytecode decompiler, binary resource converter, and asset extraction tool designed to reconstruct original directory hierarchies and scripts from compiled binary game assets. The toolset specializes in GDScript bytecode decompilation and compilation, translating compiled bytecode back into human-readable source code or converting source code into executable bytecode for specific engine versions and commit hashes. It includes a game archive patcher to modify project archives by replacing intern
Converts compiled bytecode files back into human-readable source code for various engine versions.
ArchUnit is a Java architecture testing library and automated validator that analyzes compiled bytecode to verify that source code adheres to predefined design rules. It functions as a testing framework that fails builds when the actual code structure violates architectural constraints. The library uses a fluent rule specification to define constraints and employs bytecode analysis to inspect class relationships and package dependencies. This allows for the automated detection of circular dependencies and the enforcement of dependency rules between packages. The tool covers a range of struct
Inspects compiled Java classes to enforce rules regarding package dependencies and class relationships.