RE
Slides and files for the Reversing Rust Binaries: One step beyond strings workshop at REcon 2024, presented on June 28, 2024.
Decompile py2exe Python 3 generated EXEs
A cross-version Python bytecode decompiler
GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.
Binary code coverage visualizer plugin for Ghidra - just without crashes on unknown insns
Analyze Golang with Ghidra
IDApython Scripts for Analyzing Golang Binaries
A collection of my Ghidra scripts to facilitate reverse engineering and vulnerability research.
Free and Open Source Reverse Engineering Platform powered by rizin
Ghidra scripts for recovering string definitions in Go binaries
IDA plugin and loader for UEFI firmware analysis and reverse engineering automation
An index of Windows binaries, including download links for executables such as exe, dll and sys files
A Python library/CLI tool for parsing Apple's Image4 format.
Kernel Debug Kit Mirror for macOS Ventura and newer
A (SLEIGH) disassembler that supports multiple architectures
Program for determining types of files for Windows, Linux and macOS.
Portable Executable reversing tool with a friendly GUI
FindFunc is an IDA Pro plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string, or conform to various other constraints.
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Idiomatic Rust bindings for the IDA SDK, enabling the development of standalone analysis tools using IDA v9.x’s idalib
.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!