30 open-source projects similar to mxmssh/drltrace, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Drltrace alternative.
dnSpy is a specialized toolset for the reverse engineering, analysis, and modification of compiled .NET binaries. It functions as a decompiler that converts assemblies back into readable high-level source code, an assembly editor for modifying bytecode and metadata, and a debugger for inspecting compiled binaries. The project integrates a hex editor specifically for inspecting and modifying raw bytes and Common Intermediate Language structures. It allows for the direct modification of binary contents to change application behavior without requiring the original project source files. The tool
Mitmproxy is an interactive, programmable network proxy engine designed for traffic analysis and protocol manipulation. It functions as a gateway that intercepts, inspects, and modifies network traffic in real-time, supporting HTTP, HTTPS, WebSocket, DNS, and generic TCP or UDP streams. By acting as a trusted certificate authority, the proxy can dynamically generate and sign certificates to decrypt and analyze secure TLS-encrypted connections. The project distinguishes itself through a highly extensible, event-driven architecture that allows users to automate traffic transformation using cust
Reverse engineering tool for automatic structure recovering and memory use analysis based on DynamoRIO and Capstone
Retdec is an LLVM-based machine code decompiler and static binary analysis tool designed for binary reverse engineering. It translates binary executable code into high-level representations to facilitate the reconstruction of program logic from compiled machine code. The system utilizes a retargetable frontend architecture and a multi-stage lifting pipeline to convert raw bytes into a common intermediate language. It differentiates custom program logic from known library code through signature-based identification and provides utilities for binary symbol demangling to restore human-readable n
A static devirtualizer for VMProtect x64 3.x. powered by VTIL.
ImHex is a professional-grade hex editor and binary data analysis platform designed for inspecting, modifying, and reverse engineering raw file contents. It functions as a schema-driven engine that interprets complex binary structures by applying custom definitions to map and visualize byte-level data. The platform distinguishes itself through a dedicated domain-specific language that allows users to define structural schemas for automated file parsing. This capability is supported by a dynamic plugin architecture and an event-driven registry, which enable the integration of external modules
This project is a specialized toolset for profiling kernel latency, analyzing tracepoint frequency, and monitoring system-wide performance data. It functions as a kernel performance profiler, tracepoint analyzer, and a collection of utilities for the Linux ftrace and perf_events subsystems. The toolkit provides high-level abstractions via shell-scripted wrappers to manage complex kernel tracing interfaces. It distinguishes itself through the use of bucket-based event histograms to visualize the distribution of kernel events and the ability to identify functions exceeding specific latency thre
Pics is a comprehensive reference library providing visual documentation for binary file structures, character encodings, processor instruction sets, and hardware architecture maps. It serves as a centralized resource for the dissection and analysis of diverse binary formats, including executables, images, and archives. The project specializes in mapping complex specifications into visual layouts. This includes the creation of schematic diagrams to explain the physical and logical organization of hardware components and the maintenance of a catalog for processor opcodes across multiple hardwa
GhidraMCP is a Model Context Protocol server that exposes Ghidra binary analysis and decompilation functions to external intelligence models. It acts as a bridge that connects the Ghidra reverse engineering suite to external tools through a standardized communication protocol, facilitating automated reverse engineering and software auditing. The project enables the extraction of decompiled code and program structural data to populate the context windows of language models. It features a binary symbol management tool capable of dynamic symbol resolution, allowing method and data names to be up
Capstone is a multi-architecture disassembly framework and binary translation system. It converts binary machine code into human-readable assembly instructions for a wide variety of hardware instruction set architectures and virtual machines. The framework supports a diverse range of targets, including x86, ARM, RISC-V, and MIPS, as well as virtual machine environments like WebAssembly and the Ethereum Virtual Machine. It functions as an instruction analysis tool capable of extracting granular decomposition data and semantic information from disassembled code. The engine is designed for low-
GhIDA is an IDA Pro plugin that integrates the Ghidra decompiler in IDA.
js-beautify is a web language beautifier and code formatter designed to standardize the layout and structure of JavaScript, HTML, and CSS files. It reorganizes source code into a consistent, readable style by applying configurable indentation and spacing rules. The project includes a utility for unpacking minified scripts, which transforms compressed or obfuscated JavaScript into a human-readable format. It provides a command-line interface for executing bulk code reformatting across multiple files. The tool supports customizable formatting rules and language-specific overrides, which can be
Angr is a binary analysis framework and static analysis tool used for reverse engineering compiled binaries. It serves as a binary decompiler and a lifting platform that translates machine code into a common intermediate representation to enable cross-architecture analysis. The framework integrates a symbolic execution engine and constraint solvers to determine the inputs required to reach specific program states. It also employs untrusted code sandboxing to isolate guest code from the host environment during analysis. Its capabilities cover control flow and data flow analysis, including the
ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
A dynamic VMP dumper and import fixer, powered by VTIL.
Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU
Binary Analysis Platform