19 مستودعات
Tools for converting machine code into human-readable assembly instructions.
Explore 19 awesome GitHub repositories matching operating systems & systems programming · Binary Disassembly. Refine with filters or upvote what's useful.
Ghidra is a software reverse engineering suite designed to analyze compiled binaries and reconstruct program logic without access to original source code. It provides an interactive environment for disassembly and decompilation, utilizing a platform-independent intermediate representation to maintain consistency across diverse hardware architectures. The framework supports automated binary analysis through programmatic routines, enabling the investigation of complex code patterns and security indicators. The platform distinguishes itself through a modular architecture that allows for extensiv
Transforms raw machine code into human-readable assembly instructions to simplify the study of diverse hardware architectures.
Geth is a comprehensive execution client for the Ethereum network, serving as a foundational node implementation that processes transactions, maintains the distributed ledger state, and participates in peer-to-peer consensus. It provides a robust infrastructure for synchronizing, validating, and serving blockchain data, utilizing a persistent Merkle Patricia Trie database to ensure the cryptographic integrity of historical records. As a sandboxed smart contract runtime, it executes bytecode according to deterministic protocol rules, enabling the deployment and interaction of decentralized appl
Extracts trace information to perform disassembly of virtual machine bytecode for auditing.
This project is a graphical Windows debugger designed for the analysis and manipulation of compiled binary applications. It functions as a comprehensive binary analysis suite, providing a real-time environment for inspecting CPU registers, monitoring memory states, and tracing instruction execution to investigate system-level software behavior. The tool distinguishes itself through an event-driven debugging loop that allows for precise process control and state modification during runtime. It supports advanced analysis techniques, including hardware-breakpoint injection for monitoring memory
Translates raw machine code into human-readable assembly instructions.
This is a Unix-based dotfiles repository providing a version-controlled collection of configuration files, environment variables, and shell aliases. Its primary purpose is to optimize macOS for software development by applying a curated set of system defaults and Zsh shell workflow enhancements. The project distinguishes itself through a comprehensive collection of macOS system defaults and specific configurations for the Zsh shell. It includes specialized Git workflow configurations and whitespace settings designed to standardize and accelerate version control operations across different env
Sets the assembly language flavor to Intel syntax to improve the readability of decompiled code in GDB.
Apktool is an Android APK reverse engineering tool designed to decode application packages into human-readable form and rebuild them after modification. It functions as a Dalvik bytecode disassembler and a resource decoder, transforming binary Android XML and DEX files into editable text and Smali representation. The project serves as an application rebuilder, packing modified resources and Smali code back into a functional Android application package. This capability enables the modification of application logic and resources for testing and deployment. The tool covers a broad surface of an
Translates Android Dalvik executable files into human-readable assembly language for analysis.
radare2 is a reverse engineering framework and binary analysis toolset. It functions as a multi-architecture disassembler, low-level binary debugger, and hexadecimal editor for inspecting executable structures and interpreting machine code when original source files are unavailable. The framework provides capabilities for decompiling machine instructions, performing symbolic analysis, and diffing binary files to identify structural changes across versions. It also includes a digital forensic analyzer and disk analyzer for browsing filesystem formats in userland. The toolset supports binary p
Translates machine code into assembly language to identify program structures across multiple hardware architectures.
Radare2 is a comprehensive framework for reverse engineering and analyzing compiled software. It provides a command-line environment designed for disassembling, debugging, and patching binary executables across a wide range of processor architectures and operating systems. The system distinguishes itself through a modular, plugin-based architecture that supports cross-platform analysis and automated workflows. It utilizes memory-mapped file access to enable efficient structural inspection and modification of binaries without requiring full file loads. By lifting machine instructions into a un
Translates raw machine instructions into human-readable assembly language to reveal underlying program logic.
Pwntools is a Python-based framework designed for rapid prototyping and automation in binary exploitation, reverse engineering, and security research. It serves as a comprehensive toolkit for interacting with local and remote processes, providing the primitives necessary to manage complex exploit workflows and streamline security analysis tasks. The framework distinguishes itself through its specialized capabilities for binary manipulation and automated exploit construction. It includes dedicated utilities for parsing executable file formats, assembling and disassembling machine code, and gen
Provides tools for assembling, disassembling, and patching machine code to support reverse engineering.
Mono is an open source implementation of the .NET Framework that provides a managed execution environment, base class libraries, and a cross-platform virtual machine. It serves as a compliant implementation of the ECMA Common Language Infrastructure standard, enabling the execution of intermediate language binaries across different operating systems. The project includes a complete toolset for C# development, featuring a command line compiler and CLI to transform source code into executable assemblies. It distinguishes itself with a flexible managed memory system that supports multiple automa
Provides a utility to convert compiled binaries back into human-readable format for logic analysis.
MAME is a vintage hardware emulation platform designed to recreate the circuitry of arcade games, computers, and consoles to run original software on modern devices. It functions as a retro gaming preservation framework for managing, verifying, and archiving ROM sets and disk images to ensure long-term software accessibility. The project features a system debugging tool for inspecting emulated memory, CPU registers, and execution flow via breakpoints and disassembly. It also includes a Lua-based automation layer that exposes core system state and hardware controls for custom behavior and anal
MAME translates binary opcodes from processor cores into human-readable assembly language and metadata.
Il2CppDumper is a reverse engineering tool that recovers original .NET assembly structure from Unity games compiled with il2cpp. It parses il2cpp binaries across multiple executable formats including ELF, Mach-O, PE, NSO, and WASM, and reconstructs the original DLL structure from embedded metadata tables, enabling decompilation and analysis of game code. The tool generates disassembler scripts for IDA, Ghidra, and Binary Ninja that apply recovered type definitions and structure layouts to the binary analysis. It also strips protection layers from memory-dumped libil2cpp.so files and simple PE
Creates IDA, Ghidra, and Binary Ninja scripts with type information for il2cpp binary analysis.
Capstone is a multi-architecture disassembly framework and binary analysis engine. It translates raw machine code from various CPU architectures, such as x86, ARM, and RISC-V, into human-readable assembly instructions. The engine distinguishes itself by providing instruction semantic decomposition, which lists implicit registers read and written, and the ability to customize instruction mnemonics to meet specific technical analysis standards. It also features resilient stream disassembly, allowing the process to resynchronize and continue after encountering invalid instructions or embedded da
Translates raw binary data into readable assembly instructions to analyze program functionality at the lowest level.
Capstone is a multi-architecture disassembly framework and binary translation system. It converts binary machine code into human-readable assembly instructions for a wide variety of hardware instruction set architectures and virtual machines. The framework supports a diverse range of targets, including x86, ARM, RISC-V, and MIPS, as well as virtual machine environments like WebAssembly and the Ethereum Virtual Machine. It functions as an instruction analysis tool capable of extracting granular decomposition data and semantic information from disassembled code. The engine is designed for low-
Converts binary machine code into human-readable assembly instructions for processor analysis.
Binaryen is a WebAssembly compiler toolchain and optimizer designed to transform, validate, and shrink binary modules. It provides a comprehensive intermediate representation framework that converts binary code into a single-assignment form to enable advanced program analysis and code transformation. The project includes a specialized transformation engine that applies iterative optimization passes to increase execution speed and reduce binary size. Additionally, it functions as a transpiler that translates WebAssembly binary modules into executable JavaScript for environments that lack nativ
Converts binary format data into human-readable text for analysis and debugging.
WebAssembly Binary Toolkit هو مجموعة من الأدوات لفحص والتحقق من وتحويل وحدات WebAssembly بين الصيغ الثنائية والمقروءة بشرياً. يتضمن مترجماً قائماً على المكدس (stack-based interpreter) لتنفيذ الوحدات، ومحولاً برمجياً (transpiler) يحول الملفات الثنائية إلى كود مصدر C وملفات ترويسة (headers). توفر مجموعة الأدوات مرافق لتجميع النصوص المقروءة بشرياً إلى وحدات ثنائية وتفكيك الملفات الثنائية إلى نصوص. يتميز بمنسق نصوص لتوحيد التعريفات في تمثيل مسطح قياسي، ويدعم تحويل الملفات الثنائية إلى صيغ S-expression. يغطي المشروع مجالات قدرات واسعة تشمل التلاعب بالملفات الثنائية، مثل تجريد أقسام البيانات الوصفية، وفحص الوحدات لاستخراج الإحصائيات الهيكلية ورموز التصحيح. كما يوفر أدوات تحقق للتأكد من صحة الملفات الثنائية وفقاً للمواصفات التقنية، وبيئة تشغيل لتنفيذ المنطق المتوافق مع WASI.
Converts binary function bodies into human-readable text to analyze low-level instructions and relocations.
This project is an Android RPA framework designed for automating user interfaces and system tasks on rooted Android devices using Python and ADB. It provides a suite of tools for rooted device management, allowing for programmatic control of system settings, application lifecycles, and shell command execution via a remote API. The framework distinguishes itself through a combination of dynamic instrumentation and AI integration. It can inject scripts into running processes to hook Java interfaces and modifies application behavior in real time. Additionally, it supports large language model in
Converts machine code into human-readable assembly using embedded disassembly libraries and CPU simulation.
seL4 is a formally verified microkernel whose C implementation is backed by machine-checked mathematical proofs of correctness, confidentiality, integrity, and availability. It enforces strict isolation between processes through hardware-enforced address space separation and a capability-based access control system, where each process holds explicit rights only to the resources it has been granted. The kernel exposes hardware resources through a minimal API of system calls that manage threads, address spaces, and inter-process communication, with synchronous IPC supporting sender-identifying b
Generates human-readable assembly listings from kernel or application ELF files.
LIEF هو إطار عمل لتحليل وتعديل وتحليل تنسيقات الملفات الثنائية القابلة للتنفيذ وذاكرات التخزين المؤقت المشتركة للنظام عبر منصات متعددة. يعمل كمكتبة عبر المنصات للتلاعب البرمجي بملفات ELF وPE وMachO الثنائية. يوفر المشروع أدوات لتغيير البنية الداخلية وأقسام الملفات القابلة للتنفيذ لتغيير سلوك البرنامج. كما يتضمن محللاً مخصصاً لاستعادة المكتبات الديناميكية الفردية من ذاكرات التخزين المؤقت المشتركة للنظام المدمجة. تغطي مجموعة الأدوات تحليل الملفات القابلة للتنفيذ، وتفكيك كود الآلة، واستخراج بيانات التصحيح الوصفية ومعلومات الرموز. كما تدعم الترجمة ثنائية الاتجاه لكود الآلة والتجميع عبر بنيات معالجات مختلفة.
Translates machine code from various processor architectures into human-readable assembly language.
Miasm هو إطار عمل Python للهندسة العكسية مصمم لتحليل الملفات الثنائية (binary)، والتفكيك (disassembly)، والتعديل. يعمل كإطار عمل لتحليل الملفات الثنائية يقوم برفع كود الآلة إلى تمثيل وسيط لتمكين أبحاث الأمن المستقلة عن المنصة. يعمل النظام كمحرك محاكاة ثنائي ومجموعة أدوات تعديل، مما يسمح بتنفيذ الكود الثنائي في بيئة افتراضية لتتبع تغييرات الحالة دون الحاجة إلى أجهزة فعلية. ويوفر أدوات لتصحيح الملفات الثنائية (patching) لتحديث وتعديل الملفات الثنائية الخام عبر معماريات CPU وتنسيقات تنفيذية متعددة. يغطي إطار العمل قدرات التفكيك، ورفع التمثيل الوسيط، والتبسيط الدلالي لإزالة التعتيم الثنائي. كما يتضمن دعماً لتحليل تنسيق الملفات الثنائية وتعيين الذاكرة لتتبع المراجع والتخطيط أثناء تحليل البرامج المجمعة.
Convert raw binary bytes into human-readable assembly instructions to reveal the underlying logic of a program.