Software Reverse Engineering (SRE)

Web Supplement to Master’s Thesis at San José State University

  • You are here: 
  • Home
  • Reverse Engineering Tools

Reverse Engineering Tools

Reverse Engineering Tools:

Name Type Description Download
Apache Commons BCEL™ Java bytecode engineering library The Byte Code Engineering Library (Apache Commons BCEL™) is intended to give users a convenient way to analyze, create, and manipulate Java bytecode.
ASM Java bytecode engineering library ASM is an all purpose Java bytecode manipulation and analysis framework. It can be used to modify existing classes or dynamically generate classes, directly in binary form.
Boomerang Machine code decompiler The Boomerang project is an attempt to create a free native code decompiler for cases where the source code for an application is lost.
CafeBabe Java bytecode editor CafeBabe functions as a graphical disassembler and editor of Java bytecode. Manual editing of bytecode is limited to the constant pool section.
COBF Source obfuscator COBF is a source code obfuscator, which means that it performs transformations on source that makes it difficult for a human to understand but is functionally equivalent to the original source when compiled and run.
DILE .NET Intermediate Language interactive debugger and disassembler Dotnet IL Editor (DILE) allows disassembling and debugging .NET 1.0/1.1/2.0/3.0/3.5/4.0 applications without source code or .pdb files. It can debug even itself or the assemblies of the .NET Framework on IL level.
FernFlower Java bytecode decompiler FernFlower is the first analytic decompiler for java. It will decompile class files and jar files to human readable java code. It also will deobfuscate the source if you ask it to.
Frida Machine code instrumentation and analysis Frida is a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript into native apps on Windows, Mac, Linux, iOS and Android.
FrontEnd Plus Java bytecode decompiler FrontEnd Plus is a graphical workbench that acts as a front-end to the Jad Java decompiler.  The ability to compile the generated Java source code doesn’t work consistently, therefore manual compilation of is often needed.
IDA Pro Machine code interactive debugger and disassembler IDA Pro is an interactive debugger and disassembler for programs compiled down to native code, for example C/C++ binaries. The program contains several sophisticated algorithms for generating graphs and execution maps for native code—assisting one in recovering the design and even pseudo-code of an application.
ILSpy .NET Intermediate Language browser and decompiler ILSpy is the open-source .NET assembly browser and decompiler.
Jad Java bytecode decompiler Jad takes as input Java class files (bytecode) and attempts to produce functionally equivalent Java source code. In the case where the Java bytecode is not obfuscated to make reversing engineering more difficult—the resulting Java source code does come fairly close to what was originally written by the programmer.
Jclasslib Bytecode Viewer Java bytecode viewer with editing library jclasslib bytecode viewer is a tool that visualizes all aspects of compiled Java class files and the contained bytecode. In addition, it contains a library that enables developers to read, modify and write Java class files and bytecode.
OllyDbg Machine code interactive debugger and disassembler OllyDbg is a shareware Windows interactive debugger and disassembler. The tool has an emphasis on binary (native) code analysis which makes it particularly helpful in cases where the source code for the target program is unavailable. Some noteworthy capabilities of the tool include: ability to generate a patch to native the code based on changes made during a debug session, full support for UNICODE strings, code analysis which indentifies procedures (functions), loops, and API calls.
PEBrowse Professional Interactive Machine code interactive debugger and disassembler PEBrowse Professional Interactive is an on-line interactive Windows application (user mode) debugger and disassembler that operates at the lowest level possible—the Intel x86 instruction level. This tool can be used to perform static (off-line) analysis of Windows programs or system DLLs or dynamic (on-line) analysis of a program as is it runs.
ProGuard Java bytecode obfuscator ProGuard is a free Java class file shrinker, optimizer, obfuscator, and preverifier. It detects and removes unused classes, fields, methods, and attributes. It optimizes bytecode and removes unused instructions. It renames the remaining classes, fields, and methods using short meaningless names. Finally, it preverifies the processed code for Java 6 or for Java Micro Edition.
RetroGuard Java bytecode obfuscator Java bytecode contains much of the information that was contained in the originating Java source files, leaving products exposed to decompilation. RetroGuard, a general purpose Java obfuscator, is designed to fit effortlessly into a regular build and testing process, providing peace of mind that valuable Java bytecode is more secure against decompilation.
Reverse Engineering Compiler (REC) Machine code decompiler REC is a portable reverse engineering compiler, or decompiler. It reads an executable file, and attempts to produce a C-like representation of the code and data used to build the executable file. It is portable because it has been designed to read files produced for many different targets, and it has been compiled on several host systems. RecStudio offers a modern user interface to REC’s interactive mode.
SandMark Java bytecode obfuscator and code signer SandMark is tool that implements sophisticated algorithms that provide Java bytecode watermarking and obfuscation. While the tool mostly exists to test research in the areas of software watermarking and obfuscation, it has practical use to programmers who wish to make their Java programs more difficult to pirate and reverse engineer.
ThreatExpert Malware scanner and threat report generator ThreatExpert is an advanced automated threat analysis system designed to analyze and report the behavior of computer viruses, worms, trojans, adware, spyware, and other security-related risks in a fully automated mode.
VirusTotal Malware scanner and antivirus aggregator VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
Windows Sysinternals System monitoring and debugging suite Windows Sysinternals is a comprehensive suite of tools that can be used to debug, analyze, and monitor applications running on windows and even Windows operating system itself. An example of one of the more powerful tools in the suite is the Process Explorer which reports all of the files, directories, and programs that an application accesses during its execution.


Posted on May 10th, 2009 | By: teodoro

Comments are closed.