17 repository-uri
Utilities for inspecting and decompiling intermediate bytecode formats.
Explore 17 awesome GitHub repositories matching part of an awesome list · Bytecode Analysis Tools. Refine with filters or upvote what's useful.
dnSpy is a specialized toolset for the reverse engineering, analysis, and modification of compiled .NET binaries. It functions as a decompiler that converts assemblies back into readable high-level source code, an assembly editor for modifying bytecode and metadata, and a debugger for inspecting compiled binaries. The project integrates a hex editor specifically for inspecting and modifying raw bytes and Common Intermediate Language structures. It allows for the direct modification of binary contents to change application behavior without requiring the original project source files. The tool
A debugger and .NET assembly editor for bytecode analysis.
dex2jar is an Android dex decompiler and reverse engineering tool designed to convert Dalvik executable bytecode into Java class files. It functions as a bytecode converter that transforms compiled Android binaries into a format compatible with standard Java analysis tools. The project facilitates Android app decompilation and Java bytecode recovery by translating executable files into readable structures. This allows for the analysis of application logic and the identification of security vulnerabilities or malicious behavior during Android malware analysis. The tool performs static bytecod
Parses binary dex files to extract class hierarchies and method signatures through static analysis.
de4dot is a .NET deobfuscator and unpacker designed to reverse obfuscation and restore readable code and metadata within .NET assemblies. It functions as a bytecode analyzer that simplifies control flow, strips anti-debugging protections, and extracts original payloads from packed executable wrappers. The project distinguishes itself through a modular deobfuscation pipeline and a sandbox environment used for dynamic string decryption, which executes decryption methods to replace encrypted strings with plain-text values. It can identify specific obfuscation tools through pattern-based binary a
Analyzes Common Intermediate Language bytecode to simplify control flow and remove junk instructions.
JerryScript is a lightweight, ECMAScript-compliant JavaScript engine and bytecode compiler designed for resource-constrained devices. It serves as an embedded interpreter and IoT scripting runtime, enabling the execution of JavaScript code within native C applications on hardware with limited memory. The project differentiates itself through a focus on low-memory runtime management, utilizing bytecode precompilation and pre-compiled state snapshots to reduce startup time and memory overhead. It features a C-binding native bridge for bidirectional communication between native code and scripts,
Provides the ability to dump generated bytecode into a human-readable format for analysis.
Recaf este o suită de instrumente specializate pentru asamblarea, editarea, deobfuscare, decompilarea și instrumentarea bytecode-ului Java și a proceselor de runtime. Oferă un mediu coordonat pentru modificarea fișierelor de clasă Java compilate și analizarea comportamentului aplicațiilor Java. Proiectul se distinge printr-un strat de abstractizare pe mai multe niveluri care permite editarea în diferite formate și un framework pluggable care rutează bytecode-ul prin mai multe motoare de decompilare configurabile. Include un motor de scripting încorporat și o arhitectură de plugin-uri pentru a automatiza sarcinile repetitive și a extinde comportamentul sistemului. Setul de instrumente acoperă mai multe domenii de capabilități de nivel înalt, inclusiv analiză statică pentru căutarea conținutului aplicației și simularea stărilor de execuție a metodelor. De asemenea, suportă instrumentarea runtime pentru atașarea la procese live și transformarea automată a bytecode-ului pentru eliminarea obfuscării și repararea fișierelor de clasă. Execuția headless este suportată printr-o interfață de linie de comandă pentru a integra fluxurile de lucru în pipeline-uri de build externe.
Provides a pluggable framework that routes bytecode through multiple interchangeable decompilers.
Smali is a two-way binary translation toolset designed to convert Dalvik bytecode to human-readable assembly and back again. It provides a mechanism for the disassembly and assembly of executable files used in virtual machine environments. The project enables the modification of compiled Android application logic by transforming binary files into editable assembly and rebuilding them. It is used for reverse engineering, malware analysis, and the study of low-level instructions to identify program behavior or security flaws. The toolkit covers binary construction through smali code assembly a
Disassembles Dalvik bytecode into human-readable assembly while preserving annotations and debug information.
Reverse engineering and pentesting for Android applications
Decompiles Dalvik bytecode into human-readable assembly instructions for security analysis.
JPEX Software is a comprehensive reverse engineering suite for SWF binary files, serving as an ActionScript decompiler and editor. It provides a toolkit for decompiling, analyzing, and modifying the internal structure of compiled Flash content, including the extraction of scripts and media assets. The project is distinguished by its ability to perform direct binary modification, allowing users to edit bytecode and replace embedded resources without reverting to high-level source code. It includes a runtime ActionScript bytecode debugger for variable inspection and call stack analysis, as well
Ships a powerful ActionScript decompiler that transforms compiled bytecode back into human-readable source code.
Steamless este un utilitar specializat conceput pentru a elimina wrapper-ele de gestionare a drepturilor digitale (DRM) SteamStub din executabilele jocurilor. Acesta funcționează ca un decriptor și unpacker care elimină aceste straturi de protecție pentru a recupera datele binare brute ale aplicației originale. Prin eliminarea wrapper-ului specific platformei, instrumentul restaurează punctele de intrare originale și permite executabilelor să ruleze fără a necesita o instanță de platformă autentificată. Acest proces pregătește binarele jocurilor pentru modificare prin eliminarea straturilor care împiedică de obicei instrumentele terțe să acceseze codul. Proiectul utilizează despachetarea binară statică, scanarea binară liniară și analiza bytecode-ului bazată pe tipare pentru a identifica limitele payload-ului și a reconstrui structurile executabile originale.
Utilizes pattern-based bytecode analysis to identify DRM wrapper boundaries within executable files.
This project is a comprehensive Android reverse engineering suite that functions as a decompiler, bytecode deobfuscator, and malware analysis tool. It is designed to convert APK, DEX, and OAT binaries into human-readable source code using a native implementation that does not require a Java Virtual Machine. The platform is distinguished by its integration with Frida for dynamic analysis, allowing users to hook methods, inject custom JavaScript, and dump device memory in real time. It also features specialized security engines, including a taint propagation engine and a stack-state machine, to
Translates Dalvik bytecode into readable source code using a structured algorithm to recover program logic.
Fernflower is a Java bytecode decompiler and reverse engineering tool. It transforms compiled Java class files back into human-readable Java source code to reconstruct original program logic and variable names. The tool functions as a command line bytecode processor capable of batch processing Java archives and class files. It specifically handles obfuscated code analysis by renaming ambiguous identifiers and resolving naming conflicts to make the resulting source code easier to follow. The system employs static analysis to convert bytecode to source, utilizing debug information extraction t
Functions as a bytecode decompiler that transforms compiled class files back into human-readable Java source code.
python-uncompyle6 is a Python bytecode decompiler and reverse engineering tool designed to convert compiled bytecode files back into human-readable source code. It functions as a source code recoverer and bytecode disassembler, allowing for the analysis of internal program logic and the reconstruction of original language constructs. The tool provides cross-version support, enabling the analysis and recovery of source code from bytecode created across multiple different versions of the Python interpreter. This allows it to operate as a cross-version bytecode analyzer that can interpret varied
Provides the ability to list Python bytecode instructions with flags and operands for manual code analysis.
pycdc is a reverse engineering toolset that decompiles and disassembles compiled Python bytecode files back into readable source code. It parses .pyc file headers, reconstructs abstract syntax trees from bytecode instructions, and handles version-specific opcodes across Python versions 1.0 through 3.13 with endian-aware binary parsing. The tool recovers numeric constants, string literals, and marshalled Python objects from compiled bytecode, supporting both file-based and in-memory bytecode loading. It provides a human-readable disassembly listing of bytecode instructions alongside full sourc
Translate compiled Python bytecode back into readable source code by analyzing and reconstructing the original program structure.
Fernflower is a Java bytecode decompiler designed to convert compiled Java class files back into human-readable source code. It functions as a bytecode analysis tool that recovers original program logic and structure from compiled binaries. The project includes capabilities for obfuscated identifier resolution to rename ambiguous member elements, ensuring clear identifiers in the resulting source. These features support the analysis of obfuscated code, legacy code recovery, and Java malware analysis for security auditing. The system utilizes a structural analysis pipeline that includes contr
Converts compiled Java class files back into readable source code to recover original program logic.
pyinstxtractor is a PyInstaller executable unpacker and Python bytecode recovery tool. It functions as a helper for decompiling compiled Python binaries by extracting bundled binaries and bytecode from executables created with PyInstaller. The project includes a bytecode decryptor to remove encryption from extracted files and a header repair tool that restores corrupted headers. These capabilities ensure that extracted compiled files are compatible with bytecode decompilation software. The utility covers reverse engineering of Python applications, supporting malware analysis workflows throug
Restores missing magic numbers and versioning information to make extracted bytecode compatible with decompilers.
gdsdecomp is a project recovery suite and game engine reverse engineering toolset. It functions as a bytecode decompiler, binary resource converter, and asset extraction tool designed to reconstruct original directory hierarchies and scripts from compiled binary game assets. The toolset specializes in GDScript bytecode decompilation and compilation, translating compiled bytecode back into human-readable source code or converting source code into executable bytecode for specific engine versions and commit hashes. It includes a game archive patcher to modify project archives by replacing intern
Converts compiled bytecode files back into human-readable source code for various engine versions.
ArchUnit is a Java architecture testing library and automated validator that analyzes compiled bytecode to verify that source code adheres to predefined design rules. It functions as a testing framework that fails builds when the actual code structure violates architectural constraints. The library uses a fluent rule specification to define constraints and employs bytecode analysis to inspect class relationships and package dependencies. This allows for the automated detection of circular dependencies and the enforcement of dependency rules between packages. The tool covers a range of struct
Inspects compiled Java classes to enforce rules regarding package dependencies and class relationships.