30 open-source projects similar to radareorg/cutter, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Cutter alternative.
Ghidra is a software reverse engineering suite designed to analyze compiled binaries and reconstruct program logic without access to original source code. It provides an interactive environment for disassembly and decompilation, utilizing a platform-independent intermediate representation to maintain consistency across diverse hardware architectures. The framework supports automated binary analysis through programmatic routines, enabling the investigation of complex code patterns and security indicators. The platform distinguishes itself through a modular architecture that allows for extensiv
Mitmproxy is an interactive, programmable network proxy engine designed for traffic analysis and protocol manipulation. It functions as a gateway that intercepts, inspects, and modifies network traffic in real-time, supporting HTTP, HTTPS, WebSocket, DNS, and generic TCP or UDP streams. By acting as a trusted certificate authority, the proxy can dynamically generate and sign certificates to decrypt and analyze secure TLS-encrypted connections. The project distinguishes itself through a highly extensible, event-driven architecture that allows users to automate traffic transformation using cust
Automated static analysis tools for binary programs
Jadx is a comprehensive Java decompilation suite designed to transform compiled binary application files into readable source code. It functions as a static analysis workbench, providing a graphical interface for navigating, searching, and inspecting the internal logic of complex software packages. By utilizing a bytecode-to-Java pipeline, the project reconstructs high-level logical structures from low-level binary instructions, making it a primary tool for Android application reverse engineering. The project distinguishes itself through a sophisticated control flow reconstruction engine and
dnSpy is a specialized toolset for the reverse engineering, analysis, and modification of compiled .NET binaries. It functions as a decompiler that converts assemblies back into readable high-level source code, an assembly editor for modifying bytecode and metadata, and a debugger for inspecting compiled binaries. The project integrates a hex editor specifically for inspecting and modifying raw bytes and Common Intermediate Language structures. It allows for the direct modification of binary contents to change application behavior without requiring the original project source files. The tool
radare2 is a reverse engineering framework and binary analysis toolset. It functions as a multi-architecture disassembler, low-level binary debugger, and hexadecimal editor for inspecting executable structures and interpreting machine code when original source files are unavailable. The framework provides capabilities for decompiling machine instructions, performing symbolic analysis, and diffing binary files to identify structural changes across versions. It also includes a digital forensic analyzer and disk analyzer for browsing filesystem formats in userland. The toolset supports binary p
Krakatau provides an assembler and disassembler for Java bytecode, which allows you to convert binary classfiles to a human readable text format, make changes, and convert it back to a classfile, even for obfuscated code. You can also create your own classfiles from scratch by writing bytecode…
PINCE is a dynamic debugger, instruction tracer, and memory scanner designed for the analysis and manipulation of running processes. It functions as a process memory manipulator and editor, allowing for the identification, modification, and monitoring of values within a target application's active memory. The tool distinguishes itself through memory pointer analysis, tracing addresses and offsets to locate static pointers that lead to dynamic data across different sessions. It also enables the execution of internal functions within a running process by manipulating the instruction pointer and
Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
Cutter is a binary analysis platform and graphical user interface for the Rizin reverse engineering framework. It provides an environment for analyzing the internal logic and data structures of compiled binaries through integrated disassembly and visualization. The platform supports a containerized deployment model to provide isolated environments for binary analysis, which is used to examine suspicious binaries without risking the host system. It is an extensible security tool that allows for the addition of custom analysis capabilities and visualizers via native plugins and scripts. The to
Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide
Reverse engineering and pentesting for Android applications
Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
pwndbg is a GDB plugin and binary analysis framework designed for reverse engineering, exploit development, and low-level program analysis. It extends the core functionality of the debugger to provide advanced memory inspection and automation tools. The project distinguishes itself with specialized capabilities for heap analysis across glibc, jemalloc, and musl, as well as a comprehensive kernel debugging toolkit for inspecting Linux kernel tasks and slab allocators. It includes an integrated ROP gadget searcher for constructing exploit chains and an LLM-powered debugging assistant that provi
Capstone is a multi-architecture disassembly framework and binary translation system. It converts binary machine code into human-readable assembly instructions for a wide variety of hardware instruction set architectures and virtual machines. The framework supports a diverse range of targets, including x86, ARM, RISC-V, and MIPS, as well as virtual machine environments like WebAssembly and the Ethereum Virtual Machine. It functions as an instruction analysis tool capable of extracting granular decomposition data and semantic information from disassembled code. The engine is designed for low-
Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU
Binwalk is a firmware analysis tool and binary data carver used to identify and extract embedded files and data segments from binary images. It functions as an embedded file extractor and data entropy analyzer to retrieve fragments from binary blobs when original file system structures are missing. The tool employs signature-based pattern matching and linear byte-stream scanning to detect known byte sequences and isolate hidden files. It uses sliding-window entropy analysis to locate regions of a file that are compressed or encrypted. The system supports recursive file carving, utilizing heu
Diaphora is a binary diffing tool and similarity engine designed to compare compiled binaries and identify changed or matching code sections. It functions as a reverse engineering plugin that maps relationships between functions and detects compilation units using assembler analysis and graph theory. The project specializes in vulnerability patch analysis, allowing users to detect security fixes by comparing different versions of a binary. It synchronizes analysis metadata, such as symbol names and comments, between binaries and generates patches by comparing decompiled pseudo-code. The engi
Vulnerability research assistant that locates calls to potentially insecure API functions in a binary file.
Small package to allow adding security headers to ASP.NET Core websites
v2rayNG is an Android proxy client designed to route device network traffic through encrypted tunnels. It functions as a network routing engine that intercepts outgoing requests and applies custom traffic rules to manage connectivity and enhance user privacy. The application distinguishes itself by integrating a high-performance network proxy core, which enables complex protocol translation and traffic management directly on mobile devices. It utilizes local loopback and Unix-socket tunneling to redirect device-wide requests, maintaining persistent connectivity through native background servi
Angr is a binary analysis framework and static analysis tool used for reverse engineering compiled binaries. It serves as a binary decompiler and a lifting platform that translates machine code into a common intermediate representation to enable cross-architecture analysis. The framework integrates a symbolic execution engine and constraint solvers to determine the inputs required to reach specific program states. It also employs untrusted code sandboxing to isolate guest code from the host environment during analysis. Its capabilities cover control flow and data flow analysis, including the
Atomic and non-atomic counters and rate limiting tools. Limit resource access at any scale.
This project provides a standardized framework for extending the functional range of artificial intelligence agents through a registry of modular, declarative instructions. It enables agentic workflow automation by allowing developers to define task-specific behaviors and operational constraints that guide how agents interact with external tools and execute multi-step processes. The system distinguishes itself through a directory-based discovery model and a plugin-registry architecture that facilitates the distribution of specialized workflows. By utilizing a schema-driven specification that
This plugin for Capacitor 8 provides access to native biometry and device credentials on iOS and Android. It supports every type of biometry and every configuration option on both platforms. In addition, biometry and device credentials are simulated on the web so you can test your logic without…
Reverse engineering assistant that uses a locally running LLM to aid with pseudocode analysis.