#Binary-analysis
Showing 60 of 111 repositories tagged #binary-analysis, ranked by stars
๐ A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
UNIX-like reverse engineering framework and command-line toolset
Program for determining types of files for Windows, Linux and MacOS.
AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
A powerful and open-source toolkit for hackers and security automation - ๅฎๅ จ่กไธไปไธ่ ่ช็ ๅผๆบๆซๆๅจๅ่พ
The FLARE team's open-source tool to identify capabilities in executable files.
LIEF - Library to Instrument Executable Formats (C++, Python, Rust)
State-of-the-art native debugging tools
Symbolic execution tool
EMBA - The firmware security analyzer
Binary Analysis Platform
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
BinAbsInspector: Vulnerability Scanner for Binaries
A curated list of awesome resources related to executable packing
Toolkit to emulate firmware and analyse it for security vulnerabilities
An IDA plugin for binary file analysis, powered by AI models such as OpenAI and DeepSeek.
cwe_checker finds vulnerable patterns in binary executables
Free educational content on reverse engineering and malware analysis from the FLARE team
[Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
The PE file analysis toolkit
Andromeda - Interactive Reverse Engineering Tool for Android Applications
A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse engineers, and low-level programmers.
The Kam1n0 Assembly Analysis Platform
๐ Go binary size SVG treemap
A Binary Genetic Traits Lexer Framework
Binary Analysis Framework in Rust
Framework for Automating Fuzzable Target Discovery with Static Analysis.
Simplifying encrypted traffic analysis for researchers by making protocol decryption effortless.
Open-source reverse engineering lab: 197-article knowledge base + MCP tools + CTF/APK/PE automation toolchain. Agent-native. Note:็ฑไบๅบๆฏๅๅ ๏ผ็ฎๅๆ่ฎฉๅ ไนๆๆAI้ฝไผ่ถ็ฑ็bug๏ผๆๆถไธไฟฎ๐
Components of a decompilation pipeline.
่ฝฏไปถๅฎๅ จๅทฅ็จๅธๆ่ฝ่กจ
:notebook: Some security related notes
:wolf: Malware analysis platform
A comprehensive binary emulation and instrumentation platform.
idenLib - Library Function Identification [This project is not maintained anymore]
A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
ใmacOS่ฝฏไปถๅฎๅ จไธ้ๅๅๆใ้ไนฆๆบ็
FLARE Team's Binary Navigator
Ghidra Analysis Enhancer ๐
A modern, modular, and robust TUI hex editor.
DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior
๐ก๐ง Linux kernel syscall implementation tracker
A plugin for IDA that renames functions by system call numbers.
ไฝฟ็จskill่ฎฉ AI Agent ๅๅฎๅ จๅๆๅธไธๆ ทๅๆๆถๆๆ ทๆฌ | AI Agent skill for automated malware analysis using IDA Pro
IdaClu is a version agnostic IDA Pro plugin for grouping similar functions. Pick an existing grouping algorithm or create your own.
Brovan is a user-mode x86_64 binary emulator for your malware analysis & reverse engineering.
Python implementation of the Packed Executable iDentifier (PEiD)
Nyxelf is a highly effective tool tailored for analyzing malicious Linux ELF binaries, offering comprehensive support for both static and dynamic analysis techniques.
A symbolic execution engine for EVM smart contract binaries.
SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based on System Call Dependency graph (SCDG). Those SCDGs can be exploited in machine learning modules to do classification/detection.
A plugin for IDA that can dump the ELF file easily.
Nampa - FLIRT for (binary) ninjas
Headless AI agent for deterministic reverse engineering.
ๆฏๆMCP่ฐ็จ็ARM Traceๆฑก็น่ฟฝ่ธชไธๆกไปถๆ็ดขๅทฅๅ ท๏ผ้ๆๅฏ่งๅUIใARM64ๆฑก็น่ฟฝ่ธชๅๆไธๅคงๆไปถTraceๆ็ดขใ
A (SLEIGH) disassembler that supports multiple architectures
Binary Ninja plugin for loading VTIL routines and lifting VTIL instructions to LLIL for analysis.
ไธไธช่ช็ฑๅผบๅคง่ทจๅนณๅฐ็ๅๅ ญ่ฟๅถ็ผ่พๅจ / A free, powerful, cross-platform hex editor
An open-source benchmark for evaluating AI agents' ability to find backdoors hidden in compiled binaries.
Cross-platform library for parsing and building PE\PE+ formats