Statically Analyze Code


IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.
Website: Author: Google/Zynamics License: Apache License 2.0: Notes: binnavi State File:​


Software reverse engineering tool suite
Website: Author: National Security Agency License: Apache License 2.0: Notes: Close CodeBrowser before exiting Ghidra to prevent Ghidra from freezing when you reopen the tool (it's a Ghidra bug). State File: remnux.packages.ghidra​


Reverse engineering platform powered by Rizin
Website: Author: License: GNU General Public License (GPL) v3.0: Notes: If you're planning to use Cutter when running REMnux as a Docker container, you'll need to include the --privileged parameter when invoking the REMnux distro image in Docker. State File:​


Determine types of files and examine file properties.
Website: Author: hors: License: MIT License: Notes: GUI tool: die, command-line tool: diec. State File:​


Emulate code execution of PE files, shellcode, etc. for a variety of OS and hardware platforms.
Website: Author: License: GNU General Public License (GPL) v2.0: Notes: Use qltool to analyze artifacts. Before analyzing Windows artifacts, gather Windows DLLs and other components using the dllscollector.bat script. Read the tool's documentation to get started. State File: remnux.python3-packages.qiling​


Statically examine and emulate binary files.
Website: Author: invisigoth: [email protected], installable vivisect module by Willi Ballenthin: License: Apache License 2.0: Notes: vivbin, vdbbin State File: remnux.python3-packages.vivisect​


Disassemble binary files.
Website: Author: Unknown License: GNU General Public License (GPL) State File: remnux.packages.binutils​