Statically Analyze Code
IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.
Software reverse engineering tool suite
Website: https://ghidra-sre.org Author: National Security Agency License: Apache License 2.0: https://github.com/NationalSecurityAgency/ghidra/blob/master/LICENSE Notes: Close CodeBrowser before exiting Ghidra to prevent Ghidra from freezing when you reopen the tool (it's a Ghidra bug). State File: remnux.packages.ghidra
Reverse engineering platform powered by Rizin
Website: https://cutter.re Author: https://github.com/rizinorg/cutter/graphs/contributors License: GNU General Public License (GPL) v3.0: https://github.com/rizinorg/cutter/blob/master/COPYING Notes: If you're planning to use Cutter when running REMnux as a Docker container, you'll need to include the
--privilegedparameter when invoking the REMnux distro image in Docker. State File: remnux.tools.cutter
Determine types of files and examine file properties.
Website: https://github.com/horsicq/Detect-It-Easy Author: hors: https://twitter.com/horsicq License: MIT License: https://github.com/horsicq/Detect-It-Easy/blob/master/LICENSE Notes: GUI tool:
die, command-line tool:
diec. State File: remnux.tools.detect-it-easy
Emulate code execution of PE files, shellcode, etc. for a variety of OS and hardware platforms.
Website: https://www.qiling.io Author: https://github.com/qilingframework/qiling/blob/master/AUTHORS.TXT License: GNU General Public License (GPL) v2.0: https://github.com/qilingframework/qiling/blob/master/COPYING Notes: Use
qltoolto analyze artifacts. Before analyzing Windows artifacts, gather Windows DLLs and other components using the dllscollector.bat script. Read the tool's documentation to get started. State File: remnux.python3-packages.qiling
Statically examine and emulate binary files.
Website: https://github.com/vivisect/vivisect Author: invisigoth: [email protected], installable vivisect module by Willi Ballenthin: https://twitter.com/williballenthin License: Apache License 2.0: https://github.com/vivisect/vivisect/blob/master/LICENSE.txt Notes: vivbin, vdbbin State File: remnux.python3-packages.vivisect
Disassemble binary files.