Penetration testing commands for Reverse Engineering
Reverse engineering focuses on dissecting software, firmware, or systems to understand their inner workings, often revealing vulnerabilities or undocumented features.
| Name | Description | Price |
|---|---|---|
| androguard | Tool for reverse engineering and malware analysis of Android applications | Free |
| angr | Platform-agnostic binary analysis framework | Free |
| ANY RUN | Online virtual machine for malware hunting, sandbox with interactive access, real-time data-flow | Free |
| Apk2Gold | Android decompiler (wrapper for apktool, dex2jar, and jd-gui) | Free |
| Apktool | Android disassembler and rebuilder | Free |
| arm_now | Tool that allows instant setup of virtual machines on various architectures for reverse, exploit, fuzzing and programming purpose | Free |
| Barf | Binary Analysis and Reverse engineering Framework | Free |
| bearparser | PE parsing library (from PE-bear) | Free |
| Binary Ninja | Crossplatform binary analysis framework | Paid |
| binbloom | Raw binary firmware analysis software; tries to determine the firmware loading address | Free |
| binutils | GNU collection of binary tools | Free |
| binwalk | Analyze, reverse engineer and extract firmware images (and other files, also usefull for Digital Forensics) | Free |
| boomerang | x86 binaries to C decompiler | Free |
| CAPEv2 | Malware sandbox derived from Cuckoo with the goal of adding automated malware unpacking, config and payload extraction | Free |
| Cerberus | Unstrip Rust and Go binaries (ELF and PE) for static analysis; based on hashing and scoring systems, it can retrieve lots of symbol names | Free |
| CFF Explorer | PE Editor | Free |
| ctf_import | Library to run basic functions from stripped binaries | Free |
| Cuckoo 3 | Python 3 port of Cuckoo, automated malware analysis system | Free |
| Cutter | Qt and C++ GUI for radare2 | Free |
| DbgShell | Front-end for the Windows debugger engine | Free |
| de4dot | .NET deobfuscator and unpacker | Free |
| Decompiler Explorer | Multi-decompiler engine; supports angr, BinaryNinja, Boomerang, dewolf, Ghidra, Hex-Rays, RecStudio, Reko, Relyze, RetDec, Snowman | Free |
| Decompiler.com | C#, Python, Android and Java online decompiler | Free |
| Defuse online disassembler | Online x86 (32/64 bits) assembler and disassembler | Free |
| Dexcalibur | Android reverse engineering platform focus on instrumentation automation (decompile/disass intercepted bytecode at runtime, write hook code, search interesting pattern | Paid |
| dnSpy | .NET assembly debugger, decompiler and editor | Free |
| dnSpyEx | .NET assembly debugger, decompiler and editor; fork of dnSpy | Free |
| dotPeek | .NET decompiler and assembly browser | Free |
| DRAKVUF Sandbox | Automated black-box hypervisor-level malware analysis system | Free |
| Droidefense | Android apps/malware analysis/reversing tool | Free |
| DroidGuard VM Samples | Different versions of the DroidGuard VM as well as different version of the bytecode running through this VM | Free |
| edb | Cross platform AArch32/x86/x86-64 debugger | Free |
| EMBA | Security analyzer for firmware of embedded devices | Free |
| Flare | Processes SWF and extract scripts from it | Free |
| Flasm | Disassembler tool for SWF bytecode | Free |
| Flutter Spy | Explore, analyze, and gain valuable data & insights from reverse engineered Flutter apps | Free |
| Frida | Dynamic code instrumentation toolkit | Free |
| GDB | GNU debugger | Free |
| Ghidra | Software reverse engineering (SRE) suite of tools: disassembly, assembly, decompilation, graphing, scripting, etc. | Free |
| Hiew | x86_64 disassembler for multiple formats | Paid |
| Honggfuzz | Security oriented software fuzzer; supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based) | Free |
| Hopper | Disassembler, decompiler and debugger | Paid |
| IDA Pro | Disassembler and debugger | Paid |
| ILSpy | .NET assembly browser and decompiler to C# | Free |
| ImHex | Hexadecimal editor tailored for reverse engineers; byte patching, data import / export, data inspector, huge file support, file hashing, disassembler for many architectures, data analyzer | Free |
| ImmunityDbg | Windows debugger with Python scripting support | Free |
| jadx | DEX to Java decompiler | Free |
| Java Decompilers | .JAR and .Class to Java decompiler | Free |
| JD-GUI | GUI tool decompiling JAVA | Free |
| JEB | Disassembler, decompiler and debugger | Paid |
| JPEXS Free Flash Decompiler | A.k.a ffdec, flash SWF decompiler | Free |
| JSDetox | Javascript deobfustcator | Free |
| Kaitai Struct | Declarative language to generate binary data parsers in various languages | Free |
| Kemon | macOS kernel pre and post callback-based framework | Free |
| Krakatau | Java decompiler, assembler, and disassembler | Free |
| ldd | Tool that print shared library dependencies | Free |
| Medusa | Interactive multi-architecture and multi-formats disassembler running on Windows and Linux | Free |
| Metasm | Assembler, disassembler, compiler and debugger | Free |
| netzob | Protocol reverse engineering, modeling and fuzzing | Free |
| ODA | Advanced multi-architecture online disassembler supporting a lot of architectures and object file formats | Free |
| OllyDbg | Windows debugger | Free |
| PANDA | Platform for architecture-neutral dynamic analysis | Free |
| PASTIS | Fuzzing framework aiming at combining various software testing techniques within the same workflow to perform collaborative fuzzing also called ensemble fuzzing; supported engines are Honggfuzz, AFL++, TritonDSE | Free |
| PE Explorer Disassembler | Windows disassembler | Paid |
| PE Insider | PE viewer, closed source and windows only | Free |
| Pe-bear | PE reverse tool: recognizes packers, fast disassembler, visualization of sections layout, selective comparing of two chosen PE files | Free |
| Plasma | x86/ARM/MIPS interactive disassembler | Free |
| Qira | Timeless debugger (QIRA = QEMU Interactive Runtime Analyser) | Free |
| RABCDAsm | ActionScript disassembler | Free |
| radare2 | Crossplatform binary analysis framework, disassembler, decompiler and debugger, support collaborative analysis | Free |
| rbkb | Ruby BlackBag; a miscellaneous collection of command-line tools and ruby library helpers related to pen-testing and reversing | Free |
| Recaf | Edit Java bytecode, insert single line Java statements into the bytecode, recompile decompiled code | Free |
| ReFlutter | Flutter reverse engineering framework: allow traffic monitoring and interception, print classes and functions, display absolute code offset for functions, etc. | Free |
| Relyze | x86 and ARM graphical interactive disassembler with Ruby plugin framework | Paid |
| RetDec | Multi file formats and architectures machine-code decompiler | Free |
| sandsifter | x86 processor fuzzer | Free |
| Snowman | Native code to C/C++ decompiler, supporting x86, AMD64, and ARM architectures, exists as standalone app or as a plug-in | Free |
| strace | Debugger for Linux | Free |
| Swftools | Collection of utilities to work with SWF files | Free |
| theZoo | Repository of live malwares for malware analysis | Free |
| Triton | Dynamic binary analysis framework, automate reverse engineering | Free |
| TritonDSE | Triton-based DSE library with loading and exploration capabilities | Free |
| TTD-Bindings | Bindings for Microsoft WinDBG Time Travel Debugging (TTD) | Free |
| Tweezer | Identifying function names in stripped binaries and un-named functions | Free |
| UglifyJS2 | JavaScript obfuscator or beautifier toolkit | Free |
| uncompyle | Python 2.7 binaries (.pyc) decompiler | Free |
| uncompyle6 | Python 1.5, 2.1 to 2.7, 3.1 to 3.6 binaries (.pyc) decompiler | Free |
| Vais | SWF vulnerability and information scanner | Free |
| WinDbg | Windows debugger | Free |
| x64dbg | Windows debugger | Free |
| XenoScan | Processes memory scanner | Free |
| Xori | Disassembly and static analysis library that provides triage analysis data | Free |
| xxxswf | Small script for carving, scanning, compressing, decompressing and analyzing SWF files | Free |