Jump to content

Can someone suggest some reverse engineering softwares ?


bimbo36

Recommended Posts

On Linux systems you can use the program objdump to view the disassembled code.

I'm not sure what the equivalent would be for Windows, if there is one. The best bet might be to run the code using a debugger (e.g. the one provided in Visual Studio). You can then view the disassembled code and also step through it and see the effect on registers, etc.

Link to comment
Share on other sites

Thanks for the reply .

This looks like a good place to start for Linux because i don't have Linux installed right now .

https://www.tutorialspoint.com/unix_terminal_online.php

As for windows , i guess these are all the options . i found this list from some other site .

I am not sure what is missing from this list .But looks like a nice list .

 

Quote

 

Hopper

    Hopper is a reverse engineering tool for OS X, Linux and Windows, that lets you disassemble, decompile and debug (OS X only) your 32/64bits Intel Mac, Windows and iOS (ARM) executables.

x64dbg

    An open-source x64/x32 debugger for windows.

Visual DuxDebugger

    Visual DuxDebugger is a 64-bit debugger disassembler for Windows, especially useful when the source code is unavailable.

ImmunityDbg

    Immunity Debugger is a branch of OllyDbg v1.10, with built-in support for Python scripting and much more.

PE Explorer's disassembler

    The PE Explorer Disassembler is designed to be easy to use compared with other disassemblers. To that end, some of the functionality found in other products has been left out in order to keep the process simple and fast. While as powerful as the more expensive, dedicated disassemblers, PE Explorer focuses on ease of use, clarity and navigation.

Hiew

    Hiew is a great disassembler designed for hackers, as the name suggests. It supports three modes - Text, Hexadecimal and Decode (Dis-assembly) mode.

radare2

    Radare2 is an open source tool to disassemble, debug, analyze and manipulate binary files.

    It actually supports many architectures (x86{16,32,64}, Dalvik, avr, ARM, java, PowerPC, Sparc, MIPS) and several binary formats (pe{32,64}, [fat]mach0{32,64}, ELF{32,64}, dex and Java classes), apart from support for filesystem images and many more features.

    It runs on the command line, but it has a graphical interface in PyGTK called Bokken that has support for some of its features already.

ODA

    The Online Disassembler is a free web-based, reverse engineering platform that supports over 60 architectures and object file formats from all the major operating systems, including Windows, Mac OS X, Linux, and mobile platforms.


W32Dasm

    W32DASM was an excellent 16/32 bit disassembler for Windows, it seems it is no longer developed. the latest version available is from 200

Capstone

    Capstone is a lightweight multi-platform, multi-architecture disassembly framework.
    Some of ts features are

        multi-architectures: Arm, Arm64 (Armv8), Mips, PowerPC, Sparc, SystemZ, XCore & Intel
        Clean/simple/lightweight/intuitive architecture-neutral API.
        Provide details on disassembled instruction (called “decomposer” by some others).
        Provide some semantics of the disassembled instruction, such as list of implicit registers read & written.
        Implemented in pure C language, with bindings for Python, Ruby, C#, NodeJS, Java, GO, OCaml & Vala available.
        Native support for Windows & *nix (with Mac OSX, iOS, Android, Linux, *BSD & Solaris confirmed).
        Thread-safe by design.
        Special support for embedding into firmware or OS kernel.
        Distributed under the open source BSD license.


BORG Disassembler

    BORG is an excellent Win32 Disassembler with GUI.

DSM Studio Disassembler

    DSM Studio is an easy-to-use yet comprehensive application that can aid you in the disassembly and inspection of executables built for the Intel x86 architecture.


Decompiler


    Decompiler is an easy to use and simply application designed to read program binaries and decompile executable or DLL files. The application is designed to decompile executables for any processor architecture and not be tied to a particular instruction set. Although currently only a x86 front end is implemented, there is nothing preventing you from implementing a 68K, Sparc, or VAX front end if you need one.

Lida - linux interactive disassembler

    lida is a fast feature packed interactive ELF disassembler / code-/cryptoanalyzer based on bastards libdisasm

BugDbg x64 v0.7.5

    BugDbg x64 is a user-land debugger designed to debug native 64-bit applications. BugDbg is released as Freeware.

 

distorm3

 

    A lightweight, Easy-to-Use and Fast Disassembler/Decomposer Library for x86/AMD64

Udis86

    Udis86 is an easy-to-use, minimalistic disassembler library (libudis86) for the x86 class of instruction set architectures. It has a convenient interface for use in the analysis and instrumentation of binary code.

 

BeaEngine

    This project is a package with a multi-platform x86 and x64 disassembler library (Solaris, MAC OSX, AIX, Irix, OS/2, Linux, Windows)

 

C4 Decompiler

        General Machine Code to C Decompiler
        Free Windows I64 target edition
        Interactive Windows GUI

REC Studio 4 - Reverse Engineering Compiler


    REC Studio is an interactive decompiler. It reads a Windows, Linux, Mac OS X or raw executable file, and attempts to produce a C-like representation of the code and data used to build the executable file. It has been designed to read files produced for many different targets, and it has been compiled on several host systems.


Retargetable Decompiler


    A retargetable decompiler that can be utilized for source code recovery, static malware analysis, etc. The decompiler is supposed to be not bounded to any particular target architecture, operating system, or executable file format.

 

miasm


    Miasm is a a free and open source (GPLv2) reverse engineering framework written in python. Miasm aims at analyzing/modifying/generating binary programs.

 

Free Code Manipulation Library


    This is a general purpose machine code manipulation library for IA-32 and Intel 64 architectures. The library supports UNIX-like systems as well as Windows and is highly portable. The FCML library is free for commercial and non-commercial use as long as the terms of the LGPL license are met. Currently it supports such features as:

        A one-line disassembler
        A one-line assembler
        An experimental multi-pass load-and-go assembler (Multi line!)
        Support for the Intel and AT&T syntax
        An instruction renderer
        An instruction parser
        Instructions represented as generic models
        UNIX/GNU/Linux and Windows support
        Portable - written entirely in C (no external dependencies)
        Supported instruction sets: MMX, 3D-Now!, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, SSE4A, AVX, AVX2, AES, TBM, BMI1, BMI2, HLE, ADX, CLMUL, RDRAND, RDSEED, FMA, FMA4, LWP, SVM, XOP, VMX, SMX

 

Intel® X86 Encoder Decoder Software Library


    Intel® XED is a software library (and associated headers) for encoding and decoding X86 (IA32 and Intel64) instructions.

 

angr


    angr is a framework for analyzing binaries. It focuses on both static and dynamic symbolic ("concolic") analysis, making it applicable to a variety of tasks.

 

 

Link to comment
Share on other sites

  • 3 weeks later...

dylrovertson

Thanks for the suggestion . I will try to install that version of Linux .

A lot of people said IDA Pro . Anyway i managed to install IDA pro in my windows 7 PC . Looks good .

Somebody from some other forum also sent me an exe to learn reverse engineering .

Right now , busy learning assembly language from scratch for a second time .

I am glad i found something to do with my free time .

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.