ghidra by NationalSecurityAgency

Ghidra is a software reverse engineering (SRE) framework

created at March 1, 2019, 3:27 a.m.

1,041 +0

52,458 +132

5,935 +11

dnSpy by dnSpy

.NET debugger and assembly editor

created at July 1, 2015, 4:05 p.m.

990 +0

26,800 +32

5,146 +12

awesome-pentest by enaqx

A collection of awesome penetration testing resources, tools and other shiny things

created at Aug. 3, 2014, 11:13 p.m.

1,176 +0

22,105 +55

4,492 +2

bytecode-viewer by Konloch

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

created at Oct. 14, 2014, 10:26 a.m.

379 -1

14,733 +5

1,153 +2

binwalk by ReFirmLabs

Firmware Analysis Tool

created at Nov. 15, 2013, 8:45 p.m.

358 +0

11,580 +91

1,575 +4

theZoo by ytisf

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

created at Jan. 9, 2014, 6:55 p.m.

813 +1

11,411 +19

2,528 +6

pics by corkami

File formats dissections and more...

created at March 26, 2015, 4:38 p.m.

364 +0

10,575 +8

741 +4

awesome-threat-intelligence by hslatman

A curated list of Awesome Threat Intelligence resources

created at Dec. 21, 2015, 11:31 a.m.

568 +1

8,208 +12

1,497 +6

Detect-It-Easy by horsicq

Program for determining types of files for Windows, Linux and MacOS.

created at June 1, 2014, 9:37 p.m.

177 +2

7,790 +33

740 +1

capstone by capstone-engine

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.

created at Nov. 27, 2013, 2:32 a.m.

299 +0

7,676 +24

1,561 +0

angr by angr

A powerful and user-friendly binary analysis platform!

created at Aug. 6, 2015, 9:46 p.m.

186 +0

7,648 +15

1,088 +0

volatility by volatilityfoundation

An advanced memory forensics framework

created at April 24, 2014, 3:45 p.m.

310 +0

7,413 +21

1,288 +3

gef by hugsy

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

created at March 26, 2015, 10:25 p.m.

138 +1

7,093 +17

741 +1

de4dot by de4dot

.NET deobfuscator and unpacker.

created at Sept. 20, 2011, 1:50 a.m.

514 +0

7,002 +6

2,691 +1

flare-vm by mandiant

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

created at July 5, 2017, 9:17 p.m.

201 +1

6,688 +29

928 +0

maltrail by stamparm

Malicious traffic detection system

created at Dec. 4, 2014, 9:33 p.m.

231 +1

6,640 +15

1,100 +5

arkime by arkime

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

created at July 6, 2012, 4:10 p.m.

350 +0

6,422 +12

1,044 +0

al-khaser by LordNoteworthy

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

created at Nov. 12, 2015, 6:35 p.m.

241 +0

5,985 +22

1,179 +2

peda by longld

PEDA - Python Exploit Development Assistance for GDB

created at Aug. 3, 2012, 6:26 a.m.

200 +0

5,912 +7

807 +0

MISP by MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

created at Feb. 7, 2013, 5:10 p.m.

279 +0

5,427 +2

1,414 +4