Penetration testing commands for Reverse Engineering
Reverse engineering focuses on dissecting software, firmware, or systems to understand their inner workings, often revealing vulnerabilities or undocumented features.
Name | Description | Price |
---|---|---|
androguard | Tool for reverse engineering and malware analysis of Android applications | Free |
angr | Platform-agnostic binary analysis framework | Free |
ANY RUN | Online virtual machine for malware hunting, sandbox with interactive access, real-time data-flow | Free |
Apk2Gold | Android decompiler (wrapper for apktool, dex2jar, and jd-gui) | Free |
Apktool | Android disassembler and rebuilder | Free |
arm_now | Tool that allows instant setup of virtual machines on various architectures for reverse, exploit, fuzzing and programming purpose | Free |
Barf | Binary Analysis and Reverse engineering Framework | Free |
bearparser | PE parsing library (from PE-bear) | Free |
Binary Ninja | Crossplatform binary analysis framework | Paid |
binbloom | Raw binary firmware analysis software; tries to determine the firmware loading address | Free |
binutils | GNU collection of binary tools | Free |
binwalk | Analyze, reverse engineer and extract firmware images (and other files, also usefull for Digital Forensics) | Free |
boomerang | x86 binaries to C decompiler | Free |
CAPEv2 | Malware sandbox derived from Cuckoo with the goal of adding automated malware unpacking, config and payload extraction | Free |
Cerberus | Unstrip Rust and Go binaries (ELF and PE) for static analysis; based on hashing and scoring systems, it can retrieve lots of symbol names | Free |
CFF Explorer | PE Editor | Free |
ctf_import | Library to run basic functions from stripped binaries | Free |
Cuckoo 3 | Python 3 port of Cuckoo, automated malware analysis system | Free |
Cutter | Qt and C++ GUI for radare2 | Free |
DbgShell | Front-end for the Windows debugger engine | Free |
de4dot | .NET deobfuscator and unpacker | Free |
Decompiler Explorer | Multi-decompiler engine; supports angr, BinaryNinja, Boomerang, dewolf, Ghidra, Hex-Rays, RecStudio, Reko, Relyze, RetDec, Snowman | Free |
Decompiler.com | C#, Python, Android and Java online decompiler | Free |
Defuse online disassembler | Online x86 (32/64 bits) assembler and disassembler | Free |
Dexcalibur | Android reverse engineering platform focus on instrumentation automation (decompile/disass intercepted bytecode at runtime, write hook code, search interesting pattern | Paid |
dnSpy | .NET assembly debugger, decompiler and editor | Free |
dnSpyEx | .NET assembly debugger, decompiler and editor; fork of dnSpy | Free |
dotPeek | .NET decompiler and assembly browser | Free |
DRAKVUF Sandbox | Automated black-box hypervisor-level malware analysis system | Free |
Droidefense | Android apps/malware analysis/reversing tool | Free |
DroidGuard VM Samples | Different versions of the DroidGuard VM as well as different version of the bytecode running through this VM | Free |
edb | Cross platform AArch32/x86/x86-64 debugger | Free |
EMBA | Security analyzer for firmware of embedded devices | Free |
Flare | Processes SWF and extract scripts from it | Free |
Flasm | Disassembler tool for SWF bytecode | Free |
Flutter Spy | Explore, analyze, and gain valuable data & insights from reverse engineered Flutter apps | Free |
Frida | Dynamic code instrumentation toolkit | Free |
GDB | GNU debugger | Free |
Ghidra | Software reverse engineering (SRE) suite of tools: disassembly, assembly, decompilation, graphing, scripting, etc. | Free |
Hiew | x86_64 disassembler for multiple formats | Paid |
Honggfuzz | Security oriented software fuzzer; supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based) | Free |
Hopper | Disassembler, decompiler and debugger | Paid |
IDA Pro | Disassembler and debugger | Paid |
ILSpy | .NET assembly browser and decompiler to C# | Free |
ImHex | Hexadecimal editor tailored for reverse engineers; byte patching, data import / export, data inspector, huge file support, file hashing, disassembler for many architectures, data analyzer | Free |
ImmunityDbg | Windows debugger with Python scripting support | Free |
jadx | DEX to Java decompiler | Free |
Java Decompilers | .JAR and .Class to Java decompiler | Free |
JD-GUI | GUI tool decompiling JAVA | Free |
JEB | Disassembler, decompiler and debugger | Paid |
JPEXS Free Flash Decompiler | A.k.a ffdec, flash SWF decompiler | Free |
JSDetox | Javascript deobfustcator | Free |
Kaitai Struct | Declarative language to generate binary data parsers in various languages | Free |
Kemon | macOS kernel pre and post callback-based framework | Free |
Krakatau | Java decompiler, assembler, and disassembler | Free |
ldd | Tool that print shared library dependencies | Free |
Medusa | Interactive multi-architecture and multi-formats disassembler running on Windows and Linux | Free |
Metasm | Assembler, disassembler, compiler and debugger | Free |
netzob | Protocol reverse engineering, modeling and fuzzing | Free |
ODA | Advanced multi-architecture online disassembler supporting a lot of architectures and object file formats | Free |
OllyDbg | Windows debugger | Free |
PANDA | Platform for architecture-neutral dynamic analysis | Free |
PASTIS | Fuzzing framework aiming at combining various software testing techniques within the same workflow to perform collaborative fuzzing also called ensemble fuzzing; supported engines are Honggfuzz, AFL++, TritonDSE | Free |
PE Explorer Disassembler | Windows disassembler | Paid |
PE Insider | PE viewer, closed source and windows only | Free |
Pe-bear | PE reverse tool: recognizes packers, fast disassembler, visualization of sections layout, selective comparing of two chosen PE files | Free |
Plasma | x86/ARM/MIPS interactive disassembler | Free |
Qira | Timeless debugger (QIRA = QEMU Interactive Runtime Analyser) | Free |
RABCDAsm | ActionScript disassembler | Free |
radare2 | Crossplatform binary analysis framework, disassembler, decompiler and debugger, support collaborative analysis | Free |
rbkb | Ruby BlackBag; a miscellaneous collection of command-line tools and ruby library helpers related to pen-testing and reversing | Free |
Recaf | Edit Java bytecode, insert single line Java statements into the bytecode, recompile decompiled code | Free |
ReFlutter | Flutter reverse engineering framework: allow traffic monitoring and interception, print classes and functions, display absolute code offset for functions, etc. | Free |
Relyze | x86 and ARM graphical interactive disassembler with Ruby plugin framework | Paid |
RetDec | Multi file formats and architectures machine-code decompiler | Free |
sandsifter | x86 processor fuzzer | Free |
Snowman | Native code to C/C++ decompiler, supporting x86, AMD64, and ARM architectures, exists as standalone app or as a plug-in | Free |
strace | Debugger for Linux | Free |
Swftools | Collection of utilities to work with SWF files | Free |
theZoo | Repository of live malwares for malware analysis | Free |
Triton | Dynamic binary analysis framework, automate reverse engineering | Free |
TritonDSE | Triton-based DSE library with loading and exploration capabilities | Free |
TTD-Bindings | Bindings for Microsoft WinDBG Time Travel Debugging (TTD) | Free |
Tweezer | Identifying function names in stripped binaries and un-named functions | Free |
UglifyJS2 | JavaScript obfuscator or beautifier toolkit | Free |
uncompyle | Python 2.7 binaries (.pyc) decompiler | Free |
uncompyle6 | Python 1.5, 2.1 to 2.7, 3.1 to 3.6 binaries (.pyc) decompiler | Free |
Vais | SWF vulnerability and information scanner | Free |
WinDbg | Windows debugger | Free |
x64dbg | Windows debugger | Free |
XenoScan | Processes memory scanner | Free |
Xori | Disassembly and static analysis library that provides triage analysis data | Free |
xxxswf | Small script for carving, scanning, compressing, decompressing and analyzing SWF files | Free |