panopticon - A libre cross-platform disassembler.

•    Rust

If you simply want to use Panopticon follow the install instructions on the website.Panopticon builds with Rust stable. The only dependencies aside from a working Rust stable toolchain and Cargo you need is Qt 5.5 or higher.

medusa - An open source interactive disassembler

•    C++

Medusa is a disassembler designed to be both modular and interactive. It runs on Windows and Linux, it should be the same on OSX. This project is organized as a library. To disassemble a file you have to use medusa_text or qMedusa. Medusa requires the following libraries: boost >= 1.55 (system, filesystem, thread, date_time), OGDF (required git), and Qt5 >= 5.2 for the GUI. You also need CMake for compilation and a C++11 compiler (VS2015 update 2 on Windows). Git is optional but allows to clone remote repository for specific features, see Compilation/Options.

zydis - Fast and lightweight x86/x86-64 disassembler library

•    C

Fast and lightweight x86/x86-64 disassembler library. The following example program uses Zydis to disassemble a given memory buffer and prints the output to the console.

x64dbg - An open-source x64/x32 debugger for windows.

•    C++

This is a community effort and we accept pull requests! See the CONTRIBUTING document for more information. If you have any questions you can always contact us or open an issue. You can take a look at the easy issues to get started. You can find an exhaustive list of GitHub contributers here.

bap - Binary Analysis Platform

•    OCaml

The Carnegie Mellon University Binary Analysis Platform (CMU BAP) is a reverse engineering and program analysis platform that works with binary code and doesn't require the source code. BAP supports multiple architectures: ARM, x86, x86-64, PowerPC, and MIPS. BAP disassembles and lifts binary code into the RISC-like BAP Instruction Language (BIL). Program analysis is performed using the BIL representation and is architecture independent in a sense that it will work equally well for all supported architectures. The platform comes with a set of tools, libraries, and plugins. The documentation and tutorial are also available. The main purpose of BAP is to provide a toolkit for implementing automated program analysis. BAP is written in OCaml and it is the preferred language to write analysis, we have bindings to C, Python and Rust. The Primus Framework also provide a Lisp-like DSL for writing program analysis tools. BAP is developed in CMU, Cylab and is sponsored by various grants from the United States Department of Defense, Siemens AG, and the Korea government, see sponsors for more information.

pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy

•    Python

Exploit Development and Reverse Engineering with GDB Made Easy

capstone - Capstone disassembly/disassembler framework: Core (Arm, Arm64, EVM, M68K, M680X, Mips, PPC, Sparc, SystemZ, TMS320C64x, X86, X86_64, XCore) + bindings (Python, Java, Ocaml, PowerShell, Visual Basic)

•    C

Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security community. Support multiple hardware architectures: ARM, ARM64 (ARMv8), Ethereum VM, M68K, Mips, PPC, Sparc, SystemZ, TMS320C64X, M680X, XCore and X86 (including X86_64).

plasma - Plasma is an interactive disassembler for x86/ARM/MIPS

•    Python

The old project name was Reverse. PLASMA is an interactive disassembler. It can generate a more readable assembly (pseudo code) with colored syntax. You can write scripts with the available Python api (see an example below). The project is still in big development.

Detect-It-Easy - Detect it Easy

•    HTML

Detect It Easy, or abbreviated "DIE" is a program for determining types of files. "DIE" is a cross-platform application, apart from Windows version there are also available versions for Linux and Mac OS.

rz-ghidra - Deep ghidra decompiler and sleigh disassembler integration for rizin

•    C++

This package only installs the rizin part. To use rz-ghidra from cutter, either use a provided pre-built release starting with Cutter 1.9, which bundles rz-ghidra, or follow the build instructions below. Here, ghidra.sleighhome must point to a directory containing the *.sla, *.lspec, ... files for the architectures that should supported by the decompiler. This is however set up automatically when using the rz-pm package or installing as shown below.

GhIDA

•    Python

GhIDA is an IDA Pro plugin that integrates the Ghidra decompiler in IDA. Select a function, both in the Graph view or in the Text View. Then, Press CTRL+ALT+D or (Edit > Plugins > GhIDA Decompiler). Wait a few seconds and a new window will open showing the decompiled code of the function.

CodeDefender

Protect your .Net codes easily with this smart obfuscator!

Texe

Texe is a PE import and export viewer. You can use it to analyze PE files. Texe exports the report in the form of html document with extension .html preceded by the pe file name given.

ScratchABit - Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API

•    Python

ScratchABit is an interactive incremental disassembler with data/control flow analysis capabilities. ScratchABit is dedicated to the efforts of the OpenSource reverse engineering community (reverse engineering to produce OpenSource drivers/firmware for hardware not properly supported by vendors, for hardware and software interoperability, for security research). ScratchABit supports well-known in the community IDAPython API to write disassembly/extension modules.

octopus - Security Analysis tool for WebAssembly module (wasm) and Blockchain Smart Contracts (BTC/ETH/NEO/EOS)

•    Python

Huge thanks to QuoScient for having sponsored this project. Octopus is a security analysis framework for WebAssembly module and Blockchain Smart Contract.

rspirv - Rust implementation of SPIR-V module processing functionalities

•    Rust

rspirv defines a common SPIR-V data representation (MR) as the medium for various purposes. rspirv also provides a builder to build the MR iteractively and a parser to parse a given SPIR-V binary module into its MR. A higher level structured representation is currently under developing.SPIR-V is a common intermediate language for representing graphics shaders and compute kernels for multiple Khronos APIs, such as Vulkan, OpenGL, and OpenCL.

ClassAnalyzer - A Java Class File Disassembler

•    Java

Yet another Java class file disassembler.The purpose of ClassAnalyzer is to help me understand Java class file thoroughly.

node-capstone - Node

•    Javascript

node-capstone provides Node.js bindings for the Capstone disassembler library, allowing binary data in Buffer objects to be disassembled using any of Capstone's supported architectures. On Windows and Linux, install a pre-compiled binary from the Capstone download page, or build from source.

sh2dis - An SH2-compatible (Renesas SuperH) disassembler.

•    Python

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

ethersplay - EVM dissassembler

•    Python

EVM dissassembler and related analysis tools. Ethersplay takes as input the evm bytecode in raw format.