ghidra by NationalSecurityAgency

Ghidra is a software reverse engineering (SRE) framework

created at March 1, 2019, 3:27 a.m.

962 +0

36,025 +95

4,568 +11

dnSpy by dnSpy

.NET debugger and assembly editor

created at July 1, 2015, 4:05 p.m.

947 +1

22,193 +33

4,356 +14

awesome-pentest by enaqx

A collection of awesome penetration testing resources, tools and other shiny things

created at Aug. 3, 2014, 11:13 p.m.

1,153 -1

17,320 +46

4,111 +3

bytecode-viewer by Konloch

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

created at Oct. 14, 2014, 10:26 a.m.

371 -1

13,385 +12

1,065 +2

cutter by rizinorg

Free and Open Source Reverse Engineering Platform powered by rizin

created at Sept. 25, 2017, 9:50 a.m.

296 +0

12,248 +25

976 +3

theZoo by ytisf

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

created at Jan. 9, 2014, 6:55 p.m.

814 +2

9,161 +25

2,291 +5

binwalk by ReFirmLabs

Firmware Analysis Tool

created at Nov. 15, 2013, 8:45 p.m.

362 +0

8,694 +23

1,330 +1

pics by corkami

Posters, drawings...

created at March 26, 2015, 4:38 p.m.

328 +14

6,742 +609

557 +25

angr by angr

A powerful and user-friendly binary analysis platform!

created at Aug. 6, 2015, 9:46 p.m.

186 +0

6,227 +16

956 +0

de4dot by de4dot

.NET deobfuscator and unpacker.

created at Sept. 20, 2011, 1:50 a.m.

505 +0

6,072 +12

2,492 +2

capstone by capstone-engine

Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.

created at Nov. 27, 2013, 2:32 a.m.

301 +0

6,016 +10

1,378 +5

volatility by volatilityfoundation

An advanced memory forensics framework

created at April 24, 2014, 3:45 p.m.

303 +0

5,769 +17

1,148 +1

awesome-threat-intelligence by hslatman

A curated list of Awesome Threat Intelligence resources

created at Dec. 21, 2015, 11:31 a.m.

518 +2

5,589 +22

1,213 +2

arkime by arkime

Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.

created at July 6, 2012, 4:10 p.m.

359 +0

5,364 +13

994 +3

peda by longld

PEDA - Python Exploit Development Assistance for GDB

created at Aug. 3, 2012, 6:26 a.m.

203 +0

5,253 +9

782 +0

gef by hugsy

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

created at March 26, 2015, 10:25 p.m.

130 +0

5,179 +17

629 +2

maltrail by stamparm

Malicious traffic detection system

created at Dec. 4, 2014, 9:33 p.m.

219 +0

4,817 +9

906 +4

al-khaser by LordNoteworthy

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

created at Nov. 12, 2015, 6:35 p.m.

229 +0

4,339 +12

1,033 +2

Detect-It-Easy by horsicq

Program for determining types of files for Windows, Linux and MacOS.

created at June 1, 2014, 9:37 p.m.

151 +2

4,283 +21

522 +1

flare-vm by mandiant

None

created at July 5, 2017, 9:17 p.m.

208 -1

4,240 +9

716 +1