将已编译的机器码还原为人类可读源代码表示形式的开源软件工具。
Ghidra is a software reverse engineering suite designed to analyze compiled binaries and reconstruct program logic without access to original source code. It provides an interactive environment for disassembly and decompilation, utilizing a platform-independent intermediate representation to maintain consistency across diverse hardware architectures. The framework supports automated binary analysis through programmatic routines, enabling the investigation of complex code patterns and security indicators. The platform distinguishes itself through a modular architecture that allows for extensiv
Ghidra is a full-featured reverse engineering suite that decompiles binaries into C-like pseudocode, supports many architectures, and offers an interactive, extensible environment, exactly matching the need for a binary decompiler.
LLM4Decompile is a toolset and framework for binary-to-source code translation. It uses large language models to transform machine code into readable source code and recover the original logic of compiled executables. The project includes a specialized pipeline for generating synthetic training datasets by converting source code into assembly pairs. It provides a fine-tuning framework to optimize deep learning models on these binary-to-source datasets, increasing the accuracy of code recovery. The system also features capabilities for refining decompiled pseudo-code. This process focuses on
This is an LLM-powered decompiler that directly converts machine code into readable source code and refines pseudo-code, matching the core goal of binary decompilation, though it relies on AI models rather than offering interactive, multi-architecture, or plugin-based features typical of traditional decompilers.
RetDec is a reverse engineering framework and static binary analysis tool. Its primary purpose is to function as an LLVM-based machine code decompiler that translates binary machine code from multiple architectures into high-level C source code. The system employs a multi-stage lifting pipeline to recover program logic, using an intermediate representation to apply optimizations before emitting source code. It distinguishes itself through the ability to identify compilers and packers, perform executable unpacking, and reconstruct class hierarchies and original program structures. The framewo
RetDec is an LLVM-based decompiler that converts machine code from multiple architectures into high-level C source code, making it a solid choice for binary analysis and recovery even though it is primarily static and lacks an interactive GUI for step-by-step exploration.
PS2Recomp is a static recompiler for PlayStation 2 that translates machine instructions from executable binaries into source code to enable execution on modern hardware. It functions as a binary-to-source translator and a binary analysis tool designed to facilitate the preservation of legacy software. The project distinguishes itself through a hardware emulation runtime that manages memory models and register contexts, combined with a static binary patcher for replacing raw instructions and overriding function bindings. It utilizes a specialized vector unit instruction execution system that m
PS2Recomp is a static recompiler that translates PlayStation 2 machine instructions into source code, making it a binary decompiler for that specific platform—it fits the intent of converting binaries to high-level code for recovery, though its scope is limited to a single architecture and it lacks interactive features and broad extensibility.
Angr is a binary analysis framework and static analysis tool used for reverse engineering compiled binaries. It serves as a binary decompiler and a lifting platform that translates machine code into a common intermediate representation to enable cross-architecture analysis. The framework integrates a symbolic execution engine and constraint solvers to determine the inputs required to reach specific program states. It also employs untrusted code sandboxing to isolate guest code from the host environment during analysis. Its capabilities cover control flow and data flow analysis, including the
Angr is a binary analysis framework that includes a full decompiler capable of translating machine code into C-like pseudocode across multiple architectures, with Python scriptability, handling of stripped binaries, and support for debug information via symbolic execution, fitting all key aspects of this decompilation search.
radare2 is a reverse engineering framework and binary analysis toolset. It functions as a multi-architecture disassembler, low-level binary debugger, and hexadecimal editor for inspecting executable structures and interpreting machine code when original source files are unavailable. The framework provides capabilities for decompiling machine instructions, performing symbolic analysis, and diffing binary files to identify structural changes across versions. It also includes a digital forensic analyzer and disk analyzer for browsing filesystem formats in userland. The toolset supports binary p
radare2 is a reverse engineering framework that includes a multi-architecture decompiler producing C-like pseudocode, with interactive analysis, plugin extensibility, and support for stripped binaries and debug info — it directly matches the need to convert compiled binaries into readable high-level source code.
Radare2 is a comprehensive framework for reverse engineering and analyzing compiled software. It provides a command-line environment designed for disassembling, debugging, and patching binary executables across a wide range of processor architectures and operating systems. The system distinguishes itself through a modular, plugin-based architecture that supports cross-platform analysis and automated workflows. It utilizes memory-mapped file access to enable efficient structural inspection and modification of binaries without requiring full file loads. By lifting machine instructions into a un
Radare2 is a modular reverse engineering framework that includes a decompiler, converting binaries to C-like pseudocode across many architectures, with plugin extensibility and interactive analysis — fitting the search for a binary decompiler.
Retdec is an LLVM-based machine code decompiler and static binary analysis tool designed for binary reverse engineering. It translates binary executable code into high-level representations to facilitate the reconstruction of program logic from compiled machine code. The system utilizes a retargetable frontend architecture and a multi-stage lifting pipeline to convert raw bytes into a common intermediate language. It differentiates custom program logic from known library code through signature-based identification and provides utilities for binary symbol demangling to restore human-readable n
Retdec is an LLVM-based machine-code decompiler that converts binaries into human-readable C-like pseudocode, supports multiple architectures, handles stripped binaries, and exports decompiled projects—making it a solid choice for binary analysis and recovery, though it lacks an interactive GUI and plugin extensibility.
ipsw is a specialized toolkit for iOS firmware analysis, binary reverse engineering, and hardware interaction. It provides a suite of tools for downloading, extracting, and analyzing firmware images and kernel caches, alongside a MachO binary analysis tool for disassembling and patching executables. The project distinguishes itself through integrated language-model-powered code reconstruction to translate machine code into high-level source code. It also features an automation client for the App Store Connect API to manage certificates and application settings. The framework covers a broad r
ipsw is a specialized binary reverse-engineering toolkit with language-model-powered code reconstruction for Apple Mach-O and firmware binaries, which fits the core decompilation need but is limited to Apple ecosystems and lacks the architecture breadth, interactive GUI, and plugin extensibility of a general-purpose decompiler.
Reko is a binary decompiler.
Reko is a full binary decompiler that supports multiple architectures (x86, ARM, RISC‑V, m68k, etc.) and produces decompiled output, which directly matches the request for converting machine code to high‑level source code.