Open-source alternatives to Pyrebox

Ghidra is a software reverse engineering suite designed to analyze compiled binaries and reconstruct program logic without access to original source code. It provides an interactive environment for disassembly and decompilation, utilizing a platform-independent intermediate representation to maintain consistency across diverse hardware architectures. The framework supports automated binary analysis through programmatic routines, enabling the investigation of complex code patterns and security indicators. The platform distinguishes itself through a modular architecture that allows for extensiv

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

dnSpy is a specialized toolset for the reverse engineering, analysis, and modification of compiled .NET binaries. It functions as a decompiler that converts assemblies back into readable high-level source code, an assembly editor for modifying bytecode and metadata, and a debugger for inspecting compiled binaries. The project integrates a hex editor specifically for inspecting and modifying raw bytes and Common Intermediate Language structures. It allows for the direct modification of binary contents to change application behavior without requiring the original project source files. The tool

Binwalk is a firmware analysis tool and binary data carver used to identify and extract embedded files and data segments from binary images. It functions as an embedded file extractor and data entropy analyzer to retrieve fragments from binary blobs when original file system structures are missing. The tool employs signature-based pattern matching and linear byte-stream scanning to detect known byte sequences and isolate hidden files. It uses sliding-window entropy analysis to locate regions of a file that are compressed or encrypted. The system supports recursive file carving, utilizing heu

radare2 is a reverse engineering framework and binary analysis toolset. It functions as a multi-architecture disassembler, low-level binary debugger, and hexadecimal editor for inspecting executable structures and interpreting machine code when original source files are unavailable. The framework provides capabilities for decompiling machine instructions, performing symbolic analysis, and diffing binary files to identify structural changes across versions. It also includes a digital forensic analyzer and disk analyzer for browsing filesystem formats in userland. The toolset supports binary p

A machine learning tool that ranks strings based on their relevance for malware analysis.

ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.

Python Command-Line Ghidra Binary Diffing Engine

Using Intel's PIN tool to solve CTF problems

edb is a cross-platform AArch32/x86/x86-64 debugger.

Angr is a binary analysis framework and static analysis tool used for reverse engineering compiled binaries. It serves as a binary decompiler and a lifting platform that translates machine code into a common intermediate representation to enable cross-architecture analysis. The framework integrates a symbolic execution engine and constraint solvers to determine the inputs required to reach specific program states. It also employs untrusted code sandboxing to isolate guest code from the host environment during analysis. Its capabilities cover control flow and data flow analysis, including the

Luyten is an open source Java decompiler and bytecode analyzer designed to transform compiled class files back into high-level source code. It functions as a graphical user interface for the Procyon decompilation engine, allowing for the inspection and recovery of program logic from Java bytecode. The tool provides capabilities for Java reverse engineering and legacy code analysis, enabling the examination of third-party applications or libraries when original source code is unavailable. The system includes a desktop interface for browsing class hierarchies, recursive classpath scanning to

Boomerang Decompiler - Fighting the code-rot :)

DBeaver is a universal database client and administration environment designed for managing diverse relational and non-relational database systems. It provides a unified graphical interface that enables users to perform data manipulation, schema migration, and performance monitoring across multiple platforms. By utilizing a standardized driver abstraction layer, the application translates generic requests into database-specific commands, ensuring consistent interaction regardless of the underlying technology. The project distinguishes itself through an extensible, plugin-based architecture th

Robust ABC (ActionScript Bytecode) Dis-Assembler

Binary Analysis Platform

wxHexEditor official GIT repo

The new bridge between Burp Suite and Frida!

rVMI - A New Paradigm For Full System Analysis

Reverse engineering and pentesting for Android applications

BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.

Detect-It-Easy is a binary file identifier and analysis toolkit designed to determine file formats, compilers, and packers. It functions as a binary file identifier that utilizes signature matching and heuristic analysis to identify executable and archive formats. The project includes a custom file signature engine and a scriptable rule system for defining and applying detection logic to identify specific binary patterns. It features specialized detectors for Android packages, such as APK and DEX files, and a malware packer detector to identify protections, obfuscators, and virus families. T

Interactive Delphi Reconstructor