awesome-repositories.com
المدونة
awesome-repositories.com

اكتشف أفضل مستودعات المصادر المفتوحة باستخدام بحث مدعوم بالذكاء الاصطناعي.

استكشفعمليات بحث منسقةبدائل مفتوحة المصدربرمجيات ذاتية الاستضافةالمدونةخريطة الموقع
المشروعحولكيفية ترتيب النتائجالصحافةخادم MCP
قانونيالخصوصيةالشروط
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

تحليل البرمجيات الخبيثة والهندسة العكسية

تم تحديث الترتيب في 23 يونيو 2026

For تحليل البرمجيات الخبيثة والهندسة العكسية, the strongest matches are x64dbg/x64dbg (This project is a graphical Windows debugger designed for), skylot/jadx (Jadx is a comprehensive Java decompilation suite designed to) and avast-tl/retdec (Retdec is an LLVM-based machine code decompiler and static). smicallef/spiderfoot and nationalsecurityagency/ghidra round out the shortlist. Each is ranked by relevance to your query, popularity and recent activity.

استكشف الأدوات مفتوحة المصدر لتحليل البرمجيات الخبيثة، وتفكيك الملفات الثنائية (binaries)، وإجراء البحوث الأمنية المتقدمة.

تحليل البرمجيات الخبيثة والهندسة العكسية

اعثر على أفضل المستودعات باستخدام الذكاء الاصطناعي.سنبحث عن أفضل المستودعات المطابقة باستخدام الذكاء الاصطناعي.
  • x64dbg/x64dbgالصورة الرمزية لـ x64dbg

    x64dbg/x64dbg

    48,652عرض على GitHub↗

    This project is a graphical Windows debugger designed for the analysis and manipulation of compiled binary applications. It functions as a comprehensive binary analysis suite, providing a real-time environment for inspecting CPU registers, monitoring memory states, and tracing instruction execution to investigate system-level software behavior. The tool distinguishes itself through an event-driven debugging loop that allows for precise process control and state modification during runtime. It supports advanced analysis techniques, including hardware-breakpoint injection for monitoring memory

    C++Binary Analysis ToolsDebuggersSystem Debugging
    عرض على GitHub↗48,652
  • skylot/jadxالصورة الرمزية لـ skylot

    skylot/jadx

    49,088عرض على GitHub↗

    Jadx is a comprehensive Java decompilation suite designed to transform compiled binary application files into readable source code. It functions as a static analysis workbench, providing a graphical interface for navigating, searching, and inspecting the internal logic of complex software packages. By utilizing a bytecode-to-Java pipeline, the project reconstructs high-level logical structures from low-level binary instructions, making it a primary tool for Android application reverse engineering. The project distinguishes itself through a sophisticated control flow reconstruction engine and

    JavaDecompilersStatic Analysis WorkbenchesControl Flow Analysis Engines
    عرض على GitHub↗49,088
  • avast-tl/retdecالصورة الرمزية لـ avast-tl

    avast-tl/retdec

    8,556عرض على GitHub↗

    Retdec is an LLVM-based machine code decompiler and static binary analysis tool designed for binary reverse engineering. It translates binary executable code into high-level representations to facilitate the reconstruction of program logic from compiled machine code. The system utilizes a retargetable frontend architecture and a multi-stage lifting pipeline to convert raw bytes into a common intermediate language. It differentiates custom program logic from known library code through signature-based identification and provides utilities for binary symbol demangling to restore human-readable n

    C++DecompilersReverse Engineering ToolsBinary Logic Analysis
    عرض على GitHub↗8,556
  • smicallef/spiderfootالصورة الرمزية لـ smicallef

    smicallef/spiderfoot

    18,189عرض على GitHub↗

    SpiderFoot is an open-source reconnaissance and intelligence automation framework designed to streamline the collection and correlation of data for security investigations. It functions as a comprehensive platform that automates the querying of hundreds of public data sources to map digital footprints, identify exposed assets, and uncover potential security threats across an organization's external perimeter. The platform distinguishes itself through a modular, plugin-based architecture that executes data gathering tasks in parallel, supported by a directed graph data model that tracks relati

    PythonAttack Surface ManagementCredential Monitoring ServicesInvestigation Orchestration
    عرض على GitHub↗18,189
  • nationalsecurityagency/ghidraالصورة الرمزية لـ NationalSecurityAgency

    NationalSecurityAgency/ghidra

    69,740عرض على GitHub↗

    Ghidra is a software reverse engineering suite designed to analyze compiled binaries and reconstruct program logic without access to original source code. It provides an interactive environment for disassembly and decompilation, utilizing a platform-independent intermediate representation to maintain consistency across diverse hardware architectures. The framework supports automated binary analysis through programmatic routines, enabling the investigation of complex code patterns and security indicators. The platform distinguishes itself through a modular architecture that allows for extensiv

    JavaBinary Analysis FrameworksBinary DisassemblyBytecode
    عرض على GitHub↗69,740
  • vxunderground/malwaresourcecodeالصورة الرمزية لـ vxunderground

    vxunderground/MalwareSourceCode

    18,415عرض على GitHub↗

    This project is a curated archive and cybersecurity research dataset of raw source code from various malware families. It serves as a malware analysis library designed to help researchers study the inner workings of different threats and identify attack patterns across multiple platforms and programming languages. The repository supports security research by providing raw text distribution of original source code. This allows for the study of platform vulnerabilities, threat intelligence gathering, and the development of security products and detection signatures. The collection is organized

    AssemblyCybersecurity DatasetsMalware AnalysisMalware Corpora
    عرض على GitHub↗18,415
  • dnspy/dnspyالصورة الرمزية لـ dnSpy

    dnSpy/dnSpy

    28,993عرض على GitHub↗

    dnSpy is a desktop application designed for the analysis, debugging, and modification of compiled .NET assemblies. It functions as an assembly analysis suite and decompiler, translating binary instruction streams back into readable source code to facilitate reverse engineering when original source files are unavailable. The tool distinguishes itself through an integrated binary patching engine and metadata editor, which allow for the direct modification of executable logic and internal metadata tables. It supports in-process debugging instrumentation, enabling users to inject runtime hooks, s

    C#DebuggersDecompilersReverse Engineering Tools
    عرض على GitHub↗28,993
  • hasherezade/pe-sieveالصورة الرمزية لـ hasherezade

    hasherezade/pe-sieve

    3,559عرض على GitHub↗

    pe-sieve is a set of diagnostic tools for scanning Windows process memory to identify malicious implants, shellcode, and hooks. It functions as an in-memory implant detector, malware unpacker, and process callstack analyzer designed to locate and dump memory patches and injected code from running processes. The project identifies advanced evasion techniques, such as process hollowing and reflective injection, by verifying portable executable structures in memory. It distinguishes itself by analyzing process callstacks to detect anomalies and redirections and by reconstructing executable heade

    C++Injection DetectionMalware AnalysisCallstack Anomaly Detection
    عرض على GitHub↗3,559
  • ytisf/thezooالصورة الرمزية لـ ytisf

    ytisf/theZoo

    13,126عرض على GitHub↗

    TheZoo is a centralized repository and management system designed for the storage, organization, and retrieval of live malicious software samples. It provides a structured environment for security researchers and educators to access, track, and analyze dangerous code for the purpose of threat intelligence and defense development. The system utilizes a command-line interface to manage the lifecycle of malware samples, including the preparation of new submissions and the querying of a centralized database. To ensure safety and authenticity, the platform stores binaries in password-protected, en

    PythonMalware RepositoriesResearch RepositoriesMalware Analysis Workflows
    عرض على GitHub↗13,126
  • huiyadanli/revokemsgpatcherالصورة الرمزية لـ huiyadanli

    huiyadanli/RevokeMsgPatcher

    37,926عرض على GitHub↗

    RevokeMsgPatcher is a binary patching utility designed to modify the execution logic of desktop messaging applications. By applying low-level changes to compiled executable files and libraries, the tool enables functionality not natively supported by the original software, specifically focusing on message persistence and process management. The utility distinguishes itself through targeted binary instrumentation and control flow redirection. It identifies specific function patterns and memory offsets within proprietary software to inject custom assembly instructions. These modifications allow

    C#Message Recall Prevention ToolsReverse Engineering ToolsMessaging Client Enhancers
    عرض على GitHub↗37,926
  • rapid7/metasploit-frameworkالصورة الرمزية لـ rapid7

    rapid7/metasploit-framework

    38,415عرض على GitHub↗

    The framework is a comprehensive penetration testing platform designed for the development, testing, and execution of security exploits. It serves as a research toolkit and automated assessment environment, enabling security professionals to identify and validate vulnerabilities within networked systems and infrastructure through repeatable, standardized procedures. The platform distinguishes itself through a modular architecture that supports reflective payload injection, allowing for the execution of code directly in memory without writing to disk. It utilizes an asynchronous event loop to

    RubyPenetration Testing PlatformsExploit FrameworksExploitation Frameworks
    عرض على GitHub↗38,415
  • mandiant/flare-flossالصورة الرمزية لـ mandiant

    mandiant/flare-floss

    3,886عرض على GitHub↗

    Flare-floss is a security utility and static binary string extractor designed to uncover hidden text and configuration data within compiled binaries. It functions as an obfuscated string decoder and reverse engineering tool to translate encoded strings into readable text for security auditing. The project employs emulated execution to capture the decrypted state of strings in memory by running small chunks of binary code in a virtual CPU. It further utilizes static analysis disassembly, intermediate representation analysis, and heuristic-based pattern matching to identify and decode strings t

    PythonMalware AnalysisBinary Pattern MatchingBinary String Decoders
    عرض على GitHub↗3,886
  • z4nzu/hackingtoolالصورة الرمزية لـ Z4nzu

    Z4nzu/hackingtool

    77,515عرض على GitHub↗

    This project is a comprehensive cybersecurity tool collection designed to support security research, penetration testing, and vulnerability assessment. It functions as a unified penetration testing suite, providing a centralized environment where professionals can access a wide range of offensive security utilities to identify system weaknesses and study attack vectors. The platform distinguishes itself through a modular architecture that aggregates disparate security scripts into a single, hierarchical command-line interface. It simplifies the management of these utilities by integrating ext

    PythonExploit FrameworksHash Cracking ToolsPenetration Testing Suites
    عرض على GitHub↗77,515
  • radare/radare2الصورة الرمزية لـ radare

    radare/radare2

    24,129عرض على GitHub↗

    radare2 is a reverse engineering framework and binary analysis toolset. It functions as a multi-architecture disassembler, low-level binary debugger, and hexadecimal editor for inspecting executable structures and interpreting machine code when original source files are unavailable. The framework provides capabilities for decompiling machine instructions, performing symbolic analysis, and diffing binary files to identify structural changes across versions. It also includes a digital forensic analyzer and disk analyzer for browsing filesystem formats in userland. The toolset supports binary p

    CMulti-Architecture EnginesReverse Engineering ToolsAnalysis Shells
    عرض على GitHub↗24,129
  • swisskyrepo/payloadsallthethingsالصورة الرمزية لـ swisskyrepo

    swisskyrepo/PayloadsAllTheThings

    78,434عرض على GitHub↗

    This project is a comprehensive, community-sourced knowledge base designed for security professionals and researchers. It functions as a centralized repository of offensive security techniques, providing a structured collection of exploit payloads, attack vectors, and methodologies for conducting vulnerability assessments and penetration testing. The repository distinguishes itself through a cross-platform payload taxonomy that categorizes exploitation methods by vulnerability type and target environment, enabling rapid lookup during security assessments. It maintains high standards of data i

    PythonCommunity-Sourced Knowledge BasesOffensive Security CheatsheetsRemote File Inclusion Payloads
    عرض على GitHub↗78,434
  • sensepost/objectionالصورة الرمزية لـ sensepost

    sensepost/objection

    8,896عرض على GitHub↗

    Objection is a dynamic instrumentation framework and runtime exploration toolkit for mobile application security analysis. It provides a command-line interface to interact with the memory and state of iOS and Android applications during active execution, serving as a toolkit for runtime analysis and security testing. The project distinguishes itself by providing specialized capabilities to bypass common mobile security controls, including SSL pinning, biometric authentication, and root or jailbreak detection. It enables the extraction of sensitive credentials and data from secure storage syst

    PythonDynamic Binary InstrumentationMobile Runtime Exploration ToolkitsBinary Instrumentation
    عرض على GitHub↗8,896
  • sqlmapproject/sqlmapالصورة الرمزية لـ sqlmapproject

    sqlmapproject/sqlmap

    37,676عرض على GitHub↗

    This project is an automated security testing suite designed to detect and exploit database vulnerabilities. It functions as a command-line utility that streamlines the identification, verification, and exploitation of web application flaws by automating the injection of malicious payloads into input parameters. The tool provides a comprehensive framework for database enumeration, allowing users to extract schema information, user data, and system configurations from identified injection points. What distinguishes this tool is its sophisticated engine for dynamic payload adaptation and heuris

    PythonInjection TestersSQL Injection ToolsDatabase Enumerators
    عرض على GitHub↗37,676
  • virustotal/yaraالصورة الرمزية لـ VirusTotal

    VirusTotal/yara

    9,420عرض على GitHub↗

    YARA is a pattern matching engine and binary analysis tool used to identify and classify malware samples. It functions as a malware research framework that allows for the definition of file descriptions and detection rules to find indicators of compromise within binaries. The system enables the creation of custom detection rules using strings, wildcards, and regular expressions. These rules use boolean logic to match textual or binary patterns, allowing for the classification of files into specific malware families and the automation of threat intelligence. The engine utilizes Aho-Corasick s

    CMalware Research FrameworksPattern Matching EnginesBinary Analysis Tools
    عرض على GitHub↗9,420
  • topjohnwu/magiskالصورة الرمزية لـ topjohnwu

    topjohnwu/Magisk

    60,989عرض على GitHub↗

    Magisk is an Android rooting framework designed to manage system-level modifications and grant administrative access to mobile devices. It functions by patching boot and recovery images to inject custom code into the operating system initialization sequence, allowing for system-wide control while maintaining compatibility with the underlying hardware. The project distinguishes itself through a systemless modification layer that overlays a virtual file system on top of read-only partitions, enabling changes without altering core system files. It includes a policy daemon to manage security cont

    KotlinAndroid Rooting FrameworksDevice Modification ManagersFirmware Customization Tools
    عرض على GitHub↗60,989
  • hugsy/gefالصورة الرمزية لـ hugsy

    hugsy/gef

    8,020عرض على GitHub↗

    GEF is a Python-based extension for GDB that serves as a framework for binary analysis, exploit development, and low-level debugging. It functions as a dynamic analysis extension designed to assist in reverse engineering workflows and malware analysis by enhancing the debugger's ability to inspect process state and memory. The project is distinguished by its specialized heap analysis tools, which allow for the inspection of glibc heap arenas, bins, and chunks to detect memory corruption. It also provides a dedicated toolkit for exploit development, including cyclic pattern generation for offs

    PythonBinary Analysis FrameworksDebugger Execution InterfacesGDB Extensions
    عرض على GitHub↗8,020
  • werwolv/imhexالصورة الرمزية لـ WerWolv

    WerWolv/ImHex

    53,892عرض على GitHub↗

    ImHex is a professional-grade hex editor and binary data analysis platform designed for inspecting, modifying, and reverse engineering raw file contents. It functions as a schema-driven engine that interprets complex binary structures by applying custom definitions to map and visualize byte-level data. The platform distinguishes itself through a dedicated domain-specific language that allows users to define structural schemas for automated file parsing. This capability is supported by a dynamic plugin architecture and an event-driven registry, which enable the integration of external modules

    C++Binary Data AnalysisBinary Data ParsersBinary File Inspectors
    عرض على GitHub↗53,892
  • emanuele-f/pcapdroidالصورة الرمزية لـ emanuele-f

    emanuele-f/PCAPdroid

    4,133عرض على GitHub↗

    PCAPdroid is an Android network traffic analyzer and packet capture tool that operates without requiring root access. It functions as a VPN-based firewall and network controller, capable of recording traffic in PCAPng format and blocking connections to specific domains or malicious hosts. The project distinguishes itself through a proxy-based system for decrypting TLS traffic and routing device network traffic through SOCKS5 proxies or the Tor network. It further allows for the modification of live HTTP requests and responses via custom scripts. Its capabilities cover application connection

    JavaAndroid Network MonitoringLocal Packet CapturesLocal-VPN Packet Processing
    عرض على GitHub↗4,133
  • revanced/revanced-managerالصورة الرمزية لـ ReVanced

    ReVanced/revanced-manager

    25,932عرض على GitHub↗

    ReVanced Manager is an Android application patcher designed to modify compiled mobile binaries. It enables users to inject custom features, alter runtime behavior, and remove interface elements without requiring access to original source code. The utility distinguishes itself by performing all operations locally on the user device, ensuring privacy by avoiding external server dependencies. It automates the entire modification lifecycle, including the retrieval of application files, the application of bytecode-level patches, and the generation of new cryptographic signatures to ensure the resu

    DartBinary PatchersMobile Device Control UtilitiesBehavior Modifiers
    عرض على GitHub↗25,932
  • fireeye/flare-vmالصورة الرمزية لـ fireeye

    fireeye/flare-vm

    8,768عرض على GitHub↗

    Flare-VM is a collection of scripts and an orchestrator designed to automate the installation and configuration of a reverse engineering toolset on Windows virtual machines. It functions as a provisioning system that deploys a consistent environment for malware analysis and security research on guest operating systems. The project utilizes a configuration manager and a graphical interface to allow for the selection of specific software packages and environment variables. It employs a curated manifest to manage the installation of compatible security tools and modifies system registries and ta

    PowerShellAutomated ProvisioningInstallation ScriptsMalware Analysis
    عرض على GitHub↗8,768
  • valdikss/goodbyedpiالصورة الرمزية لـ ValdikSS

    ValdikSS/GoodbyeDPI

    27,936عرض على GitHub↗

    GoodbyeDPI is a censorship circumvention utility designed to bypass deep packet inspection and restrictive network filtering. It functions as a background engine that intercepts and modifies network traffic at the kernel level, allowing users to maintain connectivity in environments where specific protocols or web content are blocked. The tool employs active manipulation techniques to confuse inspection hardware, including TCP stream fragmentation, HTTP header obfuscation, and the injection of out-of-order packets. By altering packet structures and dropping specific redirection patterns, it m

    CCensorship Circumvention ToolsDPI Evasion ToolsActive DPI Circumvention
    عرض على GitHub↗27,936
  • extremecoders-re/pyinstxtractorالصورة الرمزية لـ extremecoders-re

    extremecoders-re/pyinstxtractor

    4,119عرض على GitHub↗

    pyinstxtractor is a PyInstaller executable unpacker and Python bytecode recovery tool. It functions as a helper for decompiling compiled Python binaries by extracting bundled binaries and bytecode from executables created with PyInstaller. The project includes a bytecode decryptor to remove encryption from extracted files and a header repair tool that restores corrupted headers. These capabilities ensure that extracted compiled files are compatible with bytecode decompilation software. The utility covers reverse engineering of Python applications, supporting malware analysis workflows throug

    PythonBinary UnpackingBytecode DecryptorsBytecode Decryptors
    عرض على GitHub↗4,119
  • go-delve/delveالصورة الرمزية لـ go-delve

    go-delve/delve

    24,605عرض على GitHub↗

    Delve is a command-line debugger designed for programs written in the Go programming language. It provides an interactive interface for runtime analysis, allowing developers to control program execution, inspect memory and variable states, and navigate call stacks to identify logic errors. The tool distinguishes itself through deep integration with the Go runtime, specifically by providing goroutine-aware stack unwinding and the ability to manage concurrent execution threads. It utilizes a client-server protocol to decouple the debugger engine from the user interface, enabling both local and

    GoDebuggersRuntime DebuggersExecution Controllers
    عرض على GitHub↗24,605
  • jonaslejon/malicious-pdfالصورة الرمزية لـ jonaslejon

    jonaslejon/malicious-pdf

    4,070عرض على GitHub↗

    This project is a set of specialized utilities for generating malformed documents, obfuscating payloads, and crafting specific attack vectors to evaluate the resilience of security scanners. It functions as a PDF fuzzing framework and security testing tool designed to create PDF files with embedded payloads for verifying how document viewers and web applications handle vulnerabilities. The toolkit provides capabilities for encoding and hiding malicious content to test the detection effectiveness of security scanners. It includes a security payload generator for crafting specific attack vector

    PythonPDF Security TestingAdversarial Document GenerationAttack Vector Libraries
    عرض على GitHub↗4,070
  • gitleaks/gitleaksالصورة الرمزية لـ gitleaks

    gitleaks/gitleaks

    24,973عرض على GitHub↗

    Gitleaks is a security scanning engine designed to identify hardcoded credentials, API keys, and other sensitive information within version control systems and local file structures. It functions as a static analysis tool that automates the detection of secrets, helping to prevent the accidental exposure of sensitive data during the development lifecycle. The tool distinguishes itself through its ability to perform deep forensic analysis of git history, allowing users to audit entire project timelines or enforce security gates within continuous integration pipelines. It supports complex detec

    GoSecret DetectionSecret Scanning EnginesAutomated Code Review
    عرض على GitHub↗24,973
  • cryakl/ultimate-rat-collectionالصورة الرمزية لـ Cryakl

    Cryakl/Ultimate-RAT-Collection

    3,558عرض على GitHub↗

    This project is a curated repository of remote access trojan binaries and malware samples. It serves as a structured analysis dataset and security research toolset designed for studying the behavior and inner workings of remote administration tools. The collection provides a versioned archive of malware samples and backdoor interfaces, with specific categorizations for target platforms including Windows and Android. It organizes these binaries to facilitate the study of malware evolution and the identification of technical patterns. The repository covers several security research areas, incl

    Malware RepositoriesMalware AnalysisMalware Corpora
    عرض على GitHub↗3,558
  • ungoogled-software/ungoogled-chromiumالصورة الرمزية لـ ungoogled-software

    ungoogled-software/ungoogled-chromium

    26,944عرض على GitHub↗

    Ungoogled Chromium is a desktop web browser derived from the open-source Chromium codebase, modified to remove all background communication with external services and proprietary dependencies. It functions as a privacy-focused distribution that ensures user data remains local by eliminating telemetry hooks and data collection integrations. The project distinguishes itself through extensive source-code pruning and domain-substitution patching, which replace hardcoded service URLs with non-functional placeholders to prevent unauthorized data transmission. It further hardens the browser runtime

    PythonPrivacy-Focused Web BrowsersDe-Googled Browser DistributionsPrivacy-Focused Browsing
    عرض على GitHub↗26,944
  • ibotpeaches/apktoolالصورة الرمزية لـ iBotPeaches

    iBotPeaches/Apktool

    24,788عرض على GitHub↗

    Apktool is an Android APK reverse engineering tool designed to decode application packages into human-readable form and rebuild them after modification. It functions as a Dalvik bytecode disassembler and a resource decoder, transforming binary Android XML and DEX files into editable text and Smali representation. The project serves as an application rebuilder, packing modified resources and Smali code back into a functional Android application package. This capability enables the modification of application logic and resources for testing and deployment. The tool covers a broad surface of an

    JavaAndroid App RebuildingAndroid AnalysisAndroid Application Modding
    عرض على GitHub↗24,788
  • danielmiessler/seclistsالصورة الرمزية لـ danielmiessler

    danielmiessler/SecLists

    71,596عرض على GitHub↗

    SecLists is a centralized library of security assessment data designed to support vulnerability discovery and penetration testing. It functions as a comprehensive repository of wordlists, payloads, and testing methodologies used to audit software, firmware, and internet-connected hardware for technical vulnerabilities. The project distinguishes itself through a standardized taxonomy and a language-agnostic data format, which allows security tools to predictably ingest and utilize its assets regardless of the underlying programming environment. By decoupling raw testing data from execution log

    PHPSecurity WordlistsVulnerability Assessment and TestingAwesome List
    عرض على GitHub↗71,596
  • avast/retdecالصورة الرمزية لـ avast

    avast/retdec

    8,556عرض على GitHub↗

    RetDec is a reverse engineering framework and static binary analysis tool. Its primary purpose is to function as an LLVM-based machine code decompiler that translates binary machine code from multiple architectures into high-level C source code. The system employs a multi-stage lifting pipeline to recover program logic, using an intermediate representation to apply optimizations before emitting source code. It distinguishes itself through the ability to identify compilers and packers, perform executable unpacking, and reconstruct class hierarchies and original program structures. The framewo

    C++Binary DecompilersMachine Code DecompilersBinary Lifting
    عرض على GitHub↗8,556
  • termux/termux-appالصورة الرمزية لـ termux

    termux/termux-app

    56,464عرض على GitHub↗

    Termux is a mobile terminal emulator and Linux environment runtime that provides a full command-line interface directly on Android devices. It functions as a comprehensive platform for executing native binaries and scripts, featuring an integrated package management system that allows users to download, install, and manage open-source software repositories to extend device functionality. The project distinguishes itself by acting as an embedded execution library, enabling third-party applications to integrate terminal and package management capabilities into their own interfaces without requi

    JavaEmbedded Terminal EnvironmentsTerminal EmulatorsPackage Management Systems
    عرض على GitHub↗56,464
  • 0xd4d/de4dotالصورة الرمزية لـ 0xd4d

    0xd4d/de4dot

    7,426عرض على GitHub↗

    de4dot is a .NET deobfuscator, unpacker, and assembly analysis tool. It is designed to remove obfuscation layers, restore metadata, and simplify bytecode control flow to transform protected binaries back into human-readable code. The project features specialized systems for decrypting strings and constants using both static and dynamic analysis. It identifies specific protection tools through pattern-based detection and strips anti-analysis protections, such as tamper detection and anti-debugging code. The tool provides a suite of reverse engineering capabilities, including binary wrapper un

    C#.NET Assembly DeobfuscationDeobfuscation Tools.NET Assembly Analysis
    عرض على GitHub↗7,426
  • aquasecurity/trivyالصورة الرمزية لـ aquasecurity

    aquasecurity/trivy

    36,462عرض على GitHub↗

    Trivy is a comprehensive security scanner designed to identify vulnerabilities and misconfigurations across container images, filesystems, and infrastructure as code files. It functions as a software composition analysis tool and an infrastructure security scanner, providing automated checks for CI/CD pipelines and cloud environments to ensure the integrity of the software supply chain. The tool distinguishes itself through a modular, plugin-based architecture that allows for the independent inspection of diverse targets. It utilizes a declarative policy engine to evaluate configurations agai

    GoContainer Security ScannersVulnerability ScannersInfrastructure as Code Scanners
    عرض على GitHub↗36,462
  • rshipp/awesome-malware-analysisالصورة الرمزية لـ rshipp

    rshipp/awesome-malware-analysis

    13,864عرض على GitHub↗

    This project is a comprehensive, community-driven directory of open-source tools, datasets, and documentation for malware analysis and cybersecurity research. It serves as a centralized index for security professionals and researchers to locate resources for investigating, reverse engineering, and analyzing malicious software. The directory organizes information through a structured taxonomy, covering specialized domains such as memory forensics, network traffic inspection, and honeypot threat research. By aggregating links to external utilities and frameworks, it provides a platform-agnostic

    Awesome ListMalware AnalysisSecurity Research Directories
    عرض على GitHub↗13,864
  • massgravel/microsoft-activation-scriptsالصورة الرمزية لـ massgravel

    massgravel/Microsoft-Activation-Scripts

    178,586عرض على GitHub↗

    This project is a collection of batch-based automation tools designed for managing software licensing, system configuration, and deployment. It provides a comprehensive toolkit for authorizing operating systems and productivity suites through various methods, including digital licensing, volume activation, and key management service emulation. The toolkit distinguishes itself by offering specialized routines for both modern and legacy software environments. It employs advanced techniques such as hardware identity generation, dynamic memory hooking, and registry-level state manipulation to mai

    BatchfileActivation AutomatorsPermanent Digital LicensingWindows Configuration Management
    عرض على GitHub↗178,586
  • mobsf/mobile-security-framework-mobsfالصورة الرمزية لـ MobSF

    MobSF/Mobile-Security-Framework-MobSF

    21,224عرض على GitHub↗

    Mobile Security Framework is an automated security testing platform designed for the analysis of Android, iOS, and Windows mobile application binaries. It functions as a comprehensive suite for identifying security vulnerabilities, privacy risks, and malicious code within mobile software packages. The framework distinguishes itself by combining static and dynamic analysis techniques to evaluate application behavior. It performs static inspection of source code and binaries to detect insecure patterns, while simultaneously utilizing dynamic instrumentation and containerized sandboxing to monit

    JavaScriptMobile Application ScannersMalware Analysis ToolsStatic and Dynamic Analysis Suites
    عرض على GitHub↗21,224
  • square/leakcanaryالصورة الرمزية لـ square

    square/leakcanary

    29,923عرض على GitHub↗

    LeakCanary is a diagnostic tool designed to identify memory leaks by monitoring object lifecycles and analyzing heap snapshots. It automatically detects objects that fail to be garbage collected after their expected lifespan, providing developers with actionable insights to prevent performance degradation and application crashes. The project distinguishes itself by offloading memory-intensive heap parsing to a separate background process, which minimizes performance impact on the main application during runtime. It includes sophisticated deobfuscation capabilities that map obfuscated stack tr

    KotlinMemory Leak DetectionDebugging and InspectionDeveloper Utilities
    عرض على GitHub↗29,923
  • gorhill/ublockالصورة الرمزية لـ gorhill

    gorhill/uBlock

    65,524عرض على GitHub↗

    uBlock is a browser-based content blocker that functions as a declarative filtering engine to intercept network requests and modify web page content. It operates by parsing standardized filter lists into optimized data structures, allowing it to block network hosts, enforce security policies, and prevent unauthorized data transmission. The extension provides a comprehensive security layer that monitors outgoing traffic and disables intrusive browser features to enhance user privacy. What distinguishes this project is its granular control over filtering behavior through a dynamic rule orchestr

    JavaScriptDeclarative Filtering EnginesNetwork Host BlockersBrowser Privacy Configurations
    عرض على GitHub↗65,524
  • pxb1988/dex2jarالصورة الرمزية لـ pxb1988

    pxb1988/dex2jar

    13,112عرض على GitHub↗

    dex2jar is an Android dex decompiler and reverse engineering tool designed to convert Dalvik executable bytecode into Java class files. It functions as a bytecode converter that transforms compiled Android binaries into a format compatible with standard Java analysis tools. The project facilitates Android app decompilation and Java bytecode recovery by translating executable files into readable structures. This allows for the analysis of application logic and the identification of security vulnerabilities or malicious behavior during Android malware analysis. The tool performs static bytecod

    JavaJava Reverse Engineering ToolsBytecode ConvertersBytecode Translators
    عرض على GitHub↗13,112
  • koalaman/shellcheckالصورة الرمزية لـ koalaman

    koalaman/shellcheck

    39,574عرض على GitHub↗

    This project is a static analysis tool and linter designed to improve the quality, reliability, and portability of shell scripts. By performing deep structural analysis, it identifies common programming pitfalls, syntax errors, and security vulnerabilities before scripts are executed. It functions as an automated code reviewer that enforces best practices and helps developers maintain consistent, robust code across different operating environments. The tool distinguishes itself through its dialect-aware grammar resolution, which adapts its parsing logic based on the specific shell interpreter

    HaskellLinters & FormattersStatic Analysis ToolsCompatibility Testers
    عرض على GitHub↗39,574
  • icsharpcode/ilspyالصورة الرمزية لـ icsharpcode

    icsharpcode/ILSpy

    25,447عرض على GitHub↗

    ILSpy is a .NET decompiler and binary analyzer designed to convert compiled .NET assemblies back into readable C# source code. It functions as a metadata explorer and a common intermediate language viewer, enabling the analysis of compiled code and the execution of reverse engineering workflows. The project distinguishes itself through specialized translation capabilities, such as converting compiled binary XML (BAML) back into human-readable XAML for user interface analysis. It also provides tools for inspecting native machine code and extracting metadata from program database (PDB) files.

    C#.NET Binary Decompilers.NET Decompilers.NET Metadata Explorers
    عرض على GitHub↗25,447
  • zbezj/heu_kms_activatorالصورة الرمزية لـ zbezj

    zbezj/HEU_KMS_Activator

    41,965عرض على GitHub↗

    HEUKMSActivator is a software license management tool designed to automate the registration and validation of product keys for operating systems and productivity software suites. It functions as a system configuration manager, modifying registry settings and service states to align software licensing status with specific deployment requirements. The utility distinguishes itself through low-level system manipulation, including the injection of signed drivers into memory to intercept license verification routines. It employs memory patching to bypass security checks without altering files on

    License Management SystemsHardware DriversBinary Patchers
    عرض على GitHub↗41,965
  • valinet/explorerpatcherالصورة الرمزية لـ valinet

    valinet/ExplorerPatcher

    32,948عرض على GitHub↗

    ExplorerPatcher is a system utility designed to modify the behavior of the Windows shell by injecting custom code into core operating system processes. It functions as a background patching tool that intercepts internal function calls and replaces modern interface components with legacy alternatives, allowing for the restoration of traditional taskbar, menu, and task switcher behaviors. The project distinguishes itself through its use of dynamic link library injection and side-by-side binary replacement to alter the desktop environment at runtime. By redirecting execution flow within the syst

    CClassic Shell RestorersShells & ScriptingBinary Patchers
    عرض على GitHub↗32,948
  • trimstray/the-book-of-secret-knowledgeالصورة الرمزية لـ trimstray

    trimstray/the-book-of-secret-knowledge

    228,641عرض على GitHub↗

    This project serves as a centralized, community-driven repository of technical knowledge and administrative resources. It provides a structured taxonomy that aggregates disparate information into a searchable framework, supporting continuous learning and rapid problem-solving for system administrators and cybersecurity practitioners. By mapping resources across offensive security, infrastructure management, and software development, it offers a unified path for skill acquisition and professional reference. The project is defined by a command-line-first design philosophy, prioritizing terminal

    Awesome ListHyperlink-Centric Knowledge MapsSystem Administration Operations
    عرض على GitHub↗228,641
قارن بين أفضل 10 في لمحة
المستودعالنجوماللغةالترخيصآخر تحديث
x64dbg/x64dbg48.7KC++NOASSERTION1 يونيو 2026
skylot/jadx49.1KJavaApache-2.014 يونيو 2026
avast-tl/retdec8.6KC++MIT26 مايو 2026
smicallef/spiderfoot18.2KPythonMIT13 أبريل 2026
nationalsecurityagency/ghidra69.7KJavaApache-2.015 يونيو 2026
vxunderground/malwaresourcecode18.4KAssembly—30 مايو 2026
dnspy/dnspy29KC#—20 ديسمبر 2020
hasherezade/pe-sieve3.6KC++bsd-2-clause31 أكتوبر 2025
ytisf/thezoo13.1KPythonNOASSERTION1 أبريل 2026
huiyadanli/revokemsgpatcher37.9KC#GPL-3.011 مايو 2026

Related searches

  • بيئة معزولة (Sandbox) لتحليل البرمجيات الخبيثة
  • مجموعة أدوات لفك ضغط الملفات الثنائية
  • التحقيقات الرقمية والاستجابة للحوادث
  • مفكك برمجيات تفاعلي (Disassembler)
  • أداة للتحقيقات الرقمية وتحليل الذاكرة
  • أداة لتفكيك الملفات الثنائية المجمعة (Disassembler)
  • مجموعة أدوات لقواعد كشف البرمجيات الخبيثة
  • برنامج مضاد فيروسات مفتوح المصدر لحماية النظام