4 个仓库
The process of converting executable binary data into human-readable assembly language for analysis.
Distinct from Binary Assembly: Distinct from Binary Assembly: this is the inverse process, converting machine code back to text rather than text to binary.
Explore 4 awesome GitHub repositories matching operating systems & systems programming · Binary Disassembly. Refine with filters or upvote what's useful.
这是一个针对 iOS 应用程序逆向工程的综合技术指南和课程。它作为一本手册,用于通过反汇编和调试工具剖析移动二进制文件,以分析内部应用程序逻辑和行为。 该材料作为 ARM 汇编和 Objective-C 理论的参考,提供了将底层机器代码转换为人类可读逻辑的必要框架。它将理论研究与实践练习相结合,以验证逆向工程工具在现实世界二进制文件上的使用。 范围涵盖静态二进制分析、动态运行时调试以及 iOS 系统架构的研究。这包括映射文件系统层级和数据组织,以定位应用程序资源和配置文件。
Provides a comprehensive guide on converting compiled machine code into human-readable assembly for iOS binary analysis.
HyperDbg is a hardware-assisted kernel-mode debugging platform that leverages virtualization to monitor and control system execution. By utilizing hypervisor-level primitives, it enables deep system analysis and instrumentation without relying on standard operating system debugging interfaces. The framework provides a comprehensive environment for inspecting both kernel and user-mode processes, allowing for granular control over execution flow and system state. The project distinguishes itself through a transparent debugging layer designed to remain invisible to the target environment. It emp
Converts raw binary instructions into human-readable assembly language for analysis.
APKLab is an integrated security analysis platform and reverse engineering IDE for Android applications. It provides a unified environment for decompiling binaries into source code, repackaging modified applications into signed installers, and performing comprehensive security analysis. The platform distinguishes itself by combining static and dynamic analysis workflows. It enables the injection of runtime hooks and gadget libraries to monitor application behavior, while providing specialized patching capabilities to intercept and decrypt encrypted network traffic via a proxy. The toolkit co
Decodes application binaries into Smali assembly code for detailed analysis and modification.
PE-bear is a graphical portable executable analysis tool designed for inspecting, disassembling, and modifying the structure of Windows PE binary files. It functions as a static analysis framework used to identify malicious patterns and reverse engineer program logic. The project provides a binary diffing tool to identify structural and content differences between two executable files. It also includes a section editor for modifying binary layouts by adding or altering sections and imports. The tool covers a range of binary analysis capabilities, including machine code disassembly, file layo
Translates binary data into human-readable assembly instructions starting from a specific address or file offset.