Reverse-Engineering on HackyFeed

.github

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pretendo Network is a repository designed to support community collaboration by providing essential files and templates for contributors. Its primary use case includes establishing guidelines for licensing, security, and conduct within the community. Notable features include a structured contribution guide and established policies to ensure a cooperative and secure environment for development.

README

Pretendo Network

This special repository contains community files and common templates.

.NET-Deobfuscator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: .NET Deobfuscator is a comprehensive resource cataloging various open-source tools designed for the deobfuscation and unpacking of .NET applications. It serves as a centralized reference for developers needing to reverse-engineer obfuscated or packed .NET assemblies, featuring tools for numerous specific obfuscation methods such as Agile, Babel, and BoxedAppPacker among others. Notable features include linked resources for each tool, allowing for easier navigation and access to functionalities tailored for specific obfuscators.

.NET-Obfuscator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: .NET Obfuscator is a protection tool designed for .NET applications, aimed at preventing reverse engineering by transforming the original code into a format that is difficult to decipher. Its notable features include the ability to obscure intellectual property, enhance security against vulnerabilities, and reduce code size for improved application performance.

README

.NET-Obfuscator

.NET Obfuscator is a tool that is used to protect .NET applications from reverse engineering.

This is done by transforming the original .NET code into a form that is difficult to understand, making it hard for attackers to decompile the code and understand how it works.

ai-website-cloner-template

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The AI Website Cloner Template is a sophisticated tool designed to reverse-engineer any website into a modern Next.js codebase using AI coding agents. By pointing the tool at a target URL, it performs a comprehensive analysis to extract design tokens and assets, generate component specifications, and facilitate parallelized reconstruction of the site’s sections. Key features include support for multiple AI agents, a detailed multi-phase cloning pipeline, and compatibility with modern web technologies like Next.js and Tailwind CSS.

Android-Security-Exploits-YouTube-Curriculum

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Android Security & Reverse Engineering YouTube Curriculum is a comprehensive educational resource focused on various aspects of Android security, including exploits, reverse engineering, and vulnerabilities in mobile applications. It features a curated collection of talks and demonstrations from prominent security conferences, addressing topics like heap exploitation, mobile permissions, and countermeasures against mobile threats. Notably, it educates on advanced concepts such as Bluetooth security, malware analysis, and attack vectors affecting the Android ecosystem, making it essential for cybersecurity practitioners and researchers.

android-unpacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Android Unpacker tool facilitates the reverse engineering and unpacking of Android applications protected by various obfuscation techniques, including APKProtect and Bangcle. Its notable features include a native unpacker that operates without dependencies on GDB, scripts for unpacking specific protections, and methods for hiding debugging environments from detection. This tool is primarily intended for educational and research purposes in the field of malware analysis.

README

android-unpacker

Android Unpacker presented at Defcon 22: Android Hacker Protection Level 0

android-unpinner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Android Unpinner is a tool designed to facilitate the removal of SSL certificate pinning from Android APKs without requiring root access. Utilizing the Frida framework, it modifies only the AndroidManifest.xml file to enable debugging, while dynamically injecting a Frida Gadget via ADB to perform the unpinning process. The tool is equipped with comprehensive dependencies for cross-platform use and supports handling XAPKs by extracting and installing split APKs effectively.

Androl4b

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Androl4b is an Android security virtual machine based on Ubuntu Mate, designed for reverse engineering and malware analysis, incorporating a comprehensive suite of tools and resources. It features updated frameworks, hands-on labs, and various security assessment tools like Radare2, Frida, and MobSF, facilitating both static and dynamic analysis of Android applications. The environment is tailored for security researchers and developers to enhance their understanding and skills in Android security.

Andromeda

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Andromeda is a performance-oriented tool designed for accelerating the initial reverse engineering of Android applications, leveraging its C/C++ implementation. It aims to simplify the analysis process with a straightforward command-line interface, making it accessible for security researchers and developers. Currently in early development, Andromeda highlights the potential for speed improvements over alternative solutions in the same domain.

README

Andromeda makes initial reverse engineering work of Android applications bit faster and easier. Compared to other alternatives, it’s written in C/C++ and has a noticeable performance advantage.

anti-emulator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The anti-emulator tool is designed to detect emulated Android environments, leveraging various detection techniques inspired by both malware behavior and innovative methodologies. It serves primarily for educational and research purposes in the context of malware analysis and reversing, offering a collection of detection mechanisms while promoting responsible use. The project includes both source code and supportive materials, such as presentation slides from its initial unveiling.

README

anti-emulator

Android Anti-Emulator, originally presented at HitCon 2013: “Dex Education 201: Anti-Emulation”

AntiCheat-Testing-Framework

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The AntiCheat-Testing-Framework is a comprehensive tool designed for testing and analyzing various anti-cheat mechanisms in the gaming industry. It provides a modular architecture with several integrated modules, allowing users to customize their setup for specific testing purposes. This framework aims to democratize knowledge in the field of anti-cheat research, facilitating both learning and practical application.

README

AntiCheat-Testing-Framework

Framework to test any Anti-Cheat on the market. This can be used as Template or Code Base to test any Anti-Cheat and learn along the way. The entry level to reverse AntiCheats and Cheats is quite high, therefore, I’m realeasing all the code I developed during my research. The main idea is to help people and motive them to get into this topic which is really interesting and there is a lot to research about it.

AntiDBG

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AntiDBG is a tool designed for implementing various anti-debugging techniques on Windows, categorized by methods such as memory, CPU, timing, and forced exceptions. The primary use case is to create self-contained checks that automatically detach debuggers, enhancing the security of applications against reverse engineering. Notable features include a simple API for integration, a testing application named The Gauntlet to evaluate resistance against these techniques, and an emphasis on readability for educational purposes.

apk.sh

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: apk.sh is a Bash script designed to streamline the reverse engineering of Android applications by automating tasks such as pulling, decoding, rebuilding, and patching APK files. It incorporates apktool for disassembling and reassembling resources, supports direct bytecode manipulation to prevent decompilation errors, and facilitates the integration of the frida-gadget for dynamic analysis without requiring a rooted device. Notable features include support for app bundles, multi-architecture compatibility, and code signing.

apkleaks

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: APKLeaks is an automated tool for scanning Android APK files to identify potentially sensitive information such as URIs, endpoints, and secrets. It integrates with the JADX disassembler for decompilation and offers customizable pattern matching through user-defined JSON files, alongside various output options, including text and JSON formats. Key features include support for disassembler arguments, making it flexible for advanced usage scenarios in security assessments of mobile applications.

README

APKLeaks

apkstudio

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: APK Studio is an open-source, cross-platform Integrated Development Environment (IDE) designed for reverse-engineering Android application packages (APKs). Its notable features include a built-in code editor with syntax highlighting for smali and other file types, automatic installation of essential tools, and support for manufacturer-specific frameworks, making it a comprehensive tool for decompiling, recompiling, and signing APKs. Additionally, APK Studio supports command-line operations, theming, and provides quick search functionalities across projects, enhancing the user experience for developers and analysts.

apple-knowledge

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “hack-different/apple-knowledge” repository hosts a compilation of reverse-engineered Apple data formats and protocols, primarily serving as a resource for jailbreak developers and hobbyists. Notable features include the availability of YAML files for machine-readable data, a collection of binary analysis and modification tools, and a Homebrew tap for easy installation of jailbreak-related utilities. The project emphasizes adherence to copyright laws while encouraging community contributions.

README

Apple Data Formats and Knowledge

A collection of reverse engineered Apple formats, protocols, or other interesting bits.

AppleNeuralHash2ONNX

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AppleNeuralHash2ONNX is a tool that converts Apple’s NeuralHash model, used for CSAM detection, into the ONNX format, allowing for greater integration and use in various deep learning frameworks. Notable features include the ability to tolerate image resizing and compression, and a comprehensive conversion process that includes decoding model components stored in LZFSE format. The repository also provides a demo script for testing the converted model’s functionality.

README

AppleNeuralHash2ONNX

Convert Apple NeuralHash model for CSAM Detection to ONNX.

appmon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AppMon is an automated framework designed for monitoring and tampering system API calls in native macOS, iOS, and Android applications, leveraging the capabilities of Frida. Its primary use case includes intercepting API calls to analyze app behavior and manipulating these calls to alter the original application functionalities. Notable features encompass an API sniffer, an intruder for data manipulation, an Android tracer for analyzing APKs, and tools for creating inspectable IPAs and APKs on non-jailbroken and non-rooted devices respectively.

AsmResolver

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AsmResolver is a library designed for reading, modifying, and reconstructing Portable Executable (PE) files, with support for both unmanaged and managed (.NET) binaries. Its primary use case includes comprehensive manipulation of PE file structures, such as modifying sections and metadata, reconstructing Import Address Tables, and providing easy access to .NET metadata through a user-friendly API. Notable features include cross-platform compatibility, robust handling of obfuscated binaries, and support for a wide range of resource types and debugging symbols, all while being fully documented and unit tested.

Awesome-Android-Reverse-Engineering

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Android Reverse Engineering is a comprehensive repository that curates a wide range of resources, training, and tools specifically designed for reverse engineering Android applications and systems. It includes categories for static and dynamic analysis tools, decompilers, malware analysis, and extensive training materials such as courses, videos, and books. Notably, it provides a user-friendly navigation system with search functionality and highlights significant resources to facilitate efficient learning and research in Android security.

Awesome-Blackhat-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Black Hat Tools is a curated repository of cybersecurity tools showcased at Black Hat events globally, serving as a practical reference for professionals in offensive, defensive, and research-driven cybersecurity. The tools are systematically organized by event location, year, and category, including Red Teaming, OSINT, and more, ensuring easy accessibility for users seeking field-tested solutions. This repository encourages community contributions to continually enhance the collection, making it a dynamic resource for current cybersecurity methodologies.

awesome-executable-packing

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Executable Packing is a comprehensive resource catalog focused on the techniques and tools related to the packing of executable files, including various formats like Portable Executable and Executable and Linkable Format. The repository collects literature, datasets, packing tools, and detection methodologies, emphasizing the key functions of packing such as compression, encryption, and obfuscation to protect and modify executables. Notable features include curated references to scholarly articles, documentation, and a classification of packers by historical context.

Awesome-Hacking-Resources

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Hacking Resources is a comprehensive collection of materials designed for individuals looking to enhance their skills in hacking and penetration testing. The repository includes various categories such as learning resources, online courses, forums, and tools crucial for topics like malware analysis and network scanning, promoting community contribution and knowledge sharing within the cybersecurity field. Notably, it features a dedicated list of tools and links to educational content, making it a valuable resource for both beginners and advanced practitioners.

awesome-list

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Awesome Cybersecurity List” repository aggregates a personal collection of insightful blog posts, research papers, and write-ups pertaining to various aspects of cybersecurity. It serves as a resource for both enthusiasts and professionals looking for in-depth analysis on contemporary cybersecurity topics and advancements. Notable features include a chronological outline of topics and a dedicated section for cybersecurity tools, ensuring users can easily navigate through valuable content.

README

Awesome Cybersecurity List

My personal collection of awesome blog posts, write-ups, and papers focusing on cybersecurity.

awesome-llvm-security

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The awesome-llvm-security repository is a curated collection of skills designed for AI agents and coding assistants that focus on LLVM security topics. It provides a set of specialized techniques, including binary lifting, dynamic instrumentation, code obfuscation, and various LLVM tooling resources, making it a valuable asset for developers and researchers in compiler development and security hardening. Notable features include an easy installation process for these skills using npx and comprehensive resources for learning and implementing LLVM-related security practices.

awesome-mobile-security

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “awesome-mobile-security” repository serves as a comprehensive resource for mobile security professionals, aggregating a wide range of blogs, papers, and how-to resources relevant to Android security and penetration testing. Its primary use case is to provide guidance and knowledge on mobile application vulnerabilities, security testing methodologies, and tools, making it a valuable asset for those aiming to improve mobile application security. Notable features include links to various security guides, OWASP resources, and pentesting labs, enabling users to deepen their understanding and practical skills in mobile security.

Baileys

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Baileys is a WebSockets-based TypeScript library designed for direct interaction with the WhatsApp Web API, eliminating the need for Selenium or any browser, thus optimizing memory usage. It supports both the multi-device and web versions of WhatsApp, allowing developers to efficiently implement messaging functionalities. Notable features include a simplified interface for interaction and removal of browser dependencies, reducing resource overhead.

README

Baileys is a WebSockets-based TypeScript library for interacting with the WhatsApp Web API.

[!CAUTION] NOTICE OF BREAKING CHANGE.

BinAbsInspector

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BinAbsInspector is a static analysis tool designed for automated reverse engineering and vulnerability scanning of binary files, utilizing abstract interpretation and integrating with Ghidra. It supports multiple architectures including x86, x64, armv7, and aarch64, and can operate in headless mode, GUI mode, or within a Docker environment. Notable features include customizable analysis parameters, Z3 integration for constraint solving, and the ability to output results in JSON format.

README

What is BinAbsInspector?

BinAbsInspector (Binary Abstract Inspector) is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries, which is a long-term research project incubated at Keenlab. It is based on abstract interpretation with the support from Ghidra. It works on Ghidra’s Pcode instead of assembly. Currently it supports binaries on x86,x64, armv7 and aarch64.

binaryninja-api

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Binary Ninja API repository provides comprehensive C++, Python, and Rust APIs for the Binary Ninja reverse engineering platform, enabling developers to create plugins and enhance functionality. Notable features include extensive online documentation, examples for various applications, and support for building UI and headless plugins. The setup process includes CMake-based build instructions, ensuring compatibility with specific Binary Ninja versions through a revision hash.

README

Binary Ninja API

This repository contains documentation and source code of the C++, Python, and Rust APIs for the Binary Ninja reverse engineering platform.

bincat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BinCAT is a static binary code analysis toolkit designed to assist reverse engineers using IDA and Python automation. Its primary use cases include value and taint analysis, type reconstruction, and detection of memory management issues like use-after-free and double-free errors. Notable features include support for multiple CPU architectures, integration with IDA version 7.4 or later, and the ability to operate both locally and remotely via a web service.

binder-trace

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Binder Trace is a Python-based tool designed for intercepting and parsing Android Binder messages, functioning similarly to Wireshark for Binder communication. It requires a rooted Android device or emulator and leverages Frida for live analysis, allowing users to attach to specific processes and capture Binder transactions. Notable features include support for various Android versions, customizable structure files, and interactive controls for navigating captured data.

README

Binder Trace

Binder Trace is a tool for intercepting and parsing Android Binder messages. Think of it as “Wireshark for Binder”.

binexport

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BinExport is a plugin for disassemblers such as IDA Pro, Binary Ninja, and Ghidra that facilitates the export of disassembly data into Protocol Buffer format, which is essential for use with the BinDiff tool. Its primary use case is in binary analysis and reverse engineering, enabling users to perform efficient comparison and analysis of executable files. Notable features include support for multiple platforms (Linux, macOS, Windows) and seamless integration with popular static analysis tools.

binsider

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Binsider is a versatile tool designed for reverse engineers, enabling both static and dynamic analysis of binary files through an intuitive terminal interface. Key functionalities include inspection of binary metadata, string analysis, examination of linked libraries, and detailed ELF layout analysis, all aimed at enhancing understanding of executable files.

README

"Swiss army knife for reverse engineers."

Documentation | Website

😼🕵️‍♂️ Binsider can perform static and dynamic analysis, inspect strings, examine linked libraries, and perform hexdumps, all within a user-friendly terminal user interface!

biodiff

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: biodiff is a binary file comparison tool that employs bioinformatics algorithms to align and display two binary files side by side, allowing users to identify similarities and differences in byte sequences. Its notable features include customizable byte representations, multiple viewing modes (aligned and unaligned), and advanced search capabilities using text and regex, which facilitate detailed analysis of binary data. Additionally, users can perform both block-level and global alignments, making it suitable for examining varying sizes of binary files efficiently.

botw

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The zeldaret/botw repository is an experimental work-in-progress decompilation of The Legend of Zelda: Breath of the Wild version 1.5.0 for the Nintendo Switch. Its primary use case is to facilitate the understanding of the game’s internal mechanics, support glitch hunting efforts, and provide comprehensive documentation for future reverse engineering initiatives. Notable features include ongoing progress tracking and community collaboration through Discord for contributors.

README

The Legend of Zelda: Breath of the Wild

CANalyzat0r

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CANalyzat0r is a modular and extensible tool designed for analysis and management of Controller Area Network (CAN) traffic, including support for CAN FD. It features a graphical user interface for comfortable analysis, multi-interface support, project management capabilities, and advanced functionalities such as threaded sending, fuzzing, and packet filtering, making it a comprehensive solution for CAN traffic analysis and experimentation.

README

This software project is a result of a Bachelor’s thesis created at SCHUTZWERK in collaboration with Aalen University by Philipp Schmied (@CaptnBanana).

CAPEv2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CAPE (Malware Configuration And Payload Extraction) is an advanced malware sandbox designed to execute and analyze malicious files in an isolated environment while capturing dynamic behavior and forensic artifacts. Key features include automated malware unpacking, YARA signature-based classification, comprehensive API hooking for behavioral instrumentation, and detailed memory and network traffic analysis. CAPE enhances traditional sandboxes with interactive desktop capabilities and sophisticated unpacking techniques, making it a powerful tool for malware research and analysis.

copilot-api

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Copilot API Proxy is a reverse-engineered tool that enables access to the GitHub Copilot API through an OpenAI and Anthropic-compatible interface, allowing integration with various platforms that support these APIs. Key features include a user-friendly web dashboard for monitoring API usage, flexible authentication options, rate limit management, and the capability to integrate with Claude Code for enhanced coding assistance. This proxy is not officially supported by GitHub and should be used responsibly to prevent account restrictions.

Cpp2IL

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Cpp2IL is a tool designed to reverse Unity’s IL2CPP build process, converting Unity games’ compiled binary formats back into their original managed DLLs. Its primary use case is for developers and reverse engineers working with Unity-based applications, providing functionalities such as output format customization and a planned plugin system for extended compatibility. Noteworthy features include a major rewrite for enhanced flexibility, reliance on LibCpp2IL for metadata processing, and the upcoming integration of an intermediate representation (ISIL) for improved analysis of various instruction sets.

CTFs

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CTFs is a repository containing write-ups and resources for various Cyber Capture The Flag (CTF) challenges. It offers a comprehensive cheat sheet detailing strategies and techniques across diverse categories, including forensics, binary exploitation, web challenges, and cryptography. Notable features include curated educational resources, practice sites, and a web mirror for easy access.

README

CTFs

Writeups / Files for some of the Cyber CTFs that I’ve done

I’ve also included a list of CTF resources as well as a comprehensive cheat sheet covering tons of common CTF challenges

ctftool

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ctftool is an interactive command-line tool designed for exploring and experimenting with the CTF protocol used in Windows for Text Services. Its primary use case includes studying Windows internals, debugging Text Input Processors, and analyzing security within the CTF environment, with notable features such as support for scripting, automated interactions, and various commands for managing connections and clients. The tool is compatible with Windows 7, 8, and 10, supporting both 32-bit and x64 architectures.

ddisasm

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DDisasm is a high-performance disassembler that accurately translates binaries from ELF and PE formats into a reassemblable assembly code representation using the GTIRB intermediate format. Utilizing the Datalog declarative logic programming language, it derives code locations, symbolization, and function boundaries, supporting multiple instruction set architectures including x86, ARM, and MIPS. Notable features include Docker support for easy setup and integration with GTIRB for further binary analysis and manipulation.

debundle

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Debundle is a tool designed to unpack JavaScript bundles generated by Webpack and Browserify, facilitating reverse engineering and analysis by converting minified code back into a more readable file structure. Notably, it allows users to specify configuration options for various bundling types and outputs organized directories containing the original modules, though it does not guarantee a lossless recovery of the original source code. The project is no longer maintained, and users are advised to exercise caution as it may not perform reliably on all real-world bundles.

dembrandt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dembrandt is a command-line tool designed to extract design systems from any website into structured design tokens, including elements such as colors, typography, and components. Its notable features include the ability to generate a brand guide PDF, output data in W3C Design Tokens format, and support for various browser configurations to bypass bot protection on target sites. The tool is easily installed via npm and offers a range of options for customization and output format.

dethrace

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dethrace is a recreation project aimed at reverse-engineering the 1997 game Carmageddon to enable it to run natively on contemporary systems. The tool supports building with CMake and SDL2, and allows users to leverage original game assets or demo versions for gameplay. Notably, it offers configuration options through an INI file and supports CD audio playback from compatible folders, enhancing the authenticity of the gaming experience.

README

Dethrace

dexcalibur

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dexcalibur is an advanced Android reverse engineering platform that focuses on automating dynamic instrumentation for improved analysis. Its notable features include the ability to decompile and disassemble intercepted bytecode at runtime, manage multiple hooks, and perform static analysis with its built-in engine capable of executing smali code. This tool is designed to streamline the tedious tasks associated with dynamic analysis, making it essential for security researchers and developers.

droidReverse

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: droidReverse is a comprehensive toolkit for Android reverse engineering, integrating multiple tools for decompiling APK files and analyzing bytecode. Its primary use case is facilitating the examination and modification of Android applications by converting APKs to readable formats and supporting various analysis capabilities, including malware detection. Notable features include support for multiple decompilation techniques, a graphical user interface for various tools, and capabilities for dynamic editing and package management.

dumpulator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dumpulator is a dynamic code emulation library designed for analyzing minidump files, facilitating the reverse engineering of malware and other binaries. Its primary use case includes emulating function calls and tracing execution paths within dumped memory structures, allowing users to decrypt strings and execute code snippets easily. Notable features comprise memory allocation, UTF-16 string reading, and the ability to trace execution for debugging purposes, all while presenting a clean interface for integration within Python scripts.

Dwarf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dwarf is a versatile debugger designed for reverse engineers, crackers, and security analysts, facilitating the analysis of applications on various platforms, including Android, iOS, and local environments. Leveraging PyQt5 and Frida, it offers features such as a debugging UI, session management with agent integration, and the ability to trace Java and native functions, enabling users to conduct detailed investigations into application behavior. Additionally, Dwarf supports scripting with a dedicated API that enhances productivity through autocompletion and inline documentation.

e9patch

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: E9Patch is a static binary rewriting tool designed for x86_64 Linux ELF binaries that enables users to modify and patch binaries without introducing dependencies, making the output a drop-in replacement. Notable features include its scalability for large binaries, fast rewriting capability, low overhead performance, and programmability for integration with other projects. With functionalities such as instruction instrumentation and various supported modes, E9Patch can effectively enhance binary behavior for tasks such as fuzzing and system call interception.

edb-debugger

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: edb-debugger is a cross-platform debugger that supports AArch32, x86, and x86-64 architectures, facilitating development and debugging across multiple operating systems, with Linux as the officially supported platform. Notable features include a user-friendly interface, compatibility with modern compilers and libraries, and ongoing development for additional platforms such as FreeBSD, OpenBSD, OSX, and Windows. The tool aims to replicate and extend the capabilities of Ollydbg while adding multi-architecture support.

README

eDBG

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: eDBG is a lightweight CLI debugger based on eBPF, designed for Android ARM64 platforms, which offers enhanced resistance to anti-debugging mechanisms compared to traditional ptrace-based debuggers. Its notable features include a user-friendly CLI interface akin to pwndbg, support for standard debugging functionalities, and a file and offset-based breakpoint registration system that facilitates fast startup and multi-threaded or multi-process debugging. Additionally, eDBG operates without direct program attachment, enabling stable dynamic analysis with minimal intrusion.

efiXplorer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: efiXplorer is an IDA plugin and loader designed for the analysis and automation of reverse engineering UEFI firmware. Its primary use case is to facilitate the discovery of vulnerabilities in UEFI firmware through automated static analysis, and it provides features that enhance the recovery of service function calls within such firmware. Notably, it supports integration with various hex-ray tools and includes comprehensive documentation for installation and usage.

README

EntityFramework-Reverse-POCO-Code-First-Generator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The EntityFramework Reverse POCO Code First Generator is a tool designed to reverse engineer existing databases and generate fully customizable Entity Framework Code First POCO classes along with configuration mappings and DbContext setups. Its primary use case is to facilitate the rapid creation of data access code that mimics hand-crafted designs, enhancing readability and maintainability. Notable features include support for multiple database types (including SQL Server and PostgreSQL), customizable output through template files, and integration with Visual Studio via a VSIX installer.

epicgames-freegames-node

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: EpicGames-FreeGames-Node is an automated tool designed to log into the Epic Games Store and identify available free games efficiently. Its primary use case is to simplify the process of retrieving checkout links for free games across multiple user accounts and can be executed on a scheduled basis. Notable features include support for JSON configuration, multiple notification mechanisms (such as email, Discord, and Telegram), and the ability to handle device code authentication for logging in.

fernflower

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fernflower is an analytical decompiler for Java, capable of converting compiled Java class files back into human-readable source code. It is integrated within IntelliJ IDEA for debugging and navigation, and can also be executed from the command line to decompile class files, ZIPs, and JARs, offering numerous customizable command-line options to fine-tune the decompilation process. Notable features include support for decompiling inner classes, handling generic signatures, and options for renaming identifiers based on debugging information.

FISSURE

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FISSURE is an open-source RF framework designed for signal understanding and reverse engineering, catering to both operational and educational needs. It enables users to detect, classify, and manipulate RF signals, perform automated vulnerability testing, and integrate with TAK for real-time situational awareness. Key features include support for various deployment options, from desktop GUIs to headless nodes, and a robust plugin ecosystem for enhanced functionality.

README

FISSURE - The RF Framework

Frequency Independent SDR-based Signal Understanding and Reverse Engineering

FLIRTDB

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FLIRTDB is a repository for storing and sharing signature files generated using the Fast Library Identification and Recognition Technology (FLIRT) used by IDA for identifying and renaming known library subroutines in disassembled binaries. Its primary use case is to alleviate the challenges faced by reverse engineers who require signature files for various library versions that may not be provided by Hex-Rays, allowing for easier analysis of symbol-stripped binaries. Notable features include community contributions for generating and organizing signatures, support for conflict management, and adherence to ethical submission guidelines.

Free-Auto-GPT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Free-Auto-GPT is an open-source implementation of autonomous AI agents like Auto-GPT and BabyAGI, designed to operate without paid APIs, thus enabling users to leverage advanced AI capabilities at no cost. Its notable features include easy integration with the Hugging Face and ChatGPT ecosystems, allowing users to access a variety of AI models without significant hardware requirements or financial constraints. This democratizes AI technology, making it accessible for small businesses and individuals seeking to innovate without hefty investments.

free-one-api

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: free-one-api is a flexible API tool that allows users to access various large language model (LLM) reverse engineering libraries via a standard OpenAI API format. Its primary use case is facilitating seamless interactions with multiple LLMs while providing notable features such as automatic load balancing, web UI support, streaming mode, and a heartbeat detection mechanism to ensure reliability. Additionally, it enables contributors to expand its functionality by testing and integrating new adapters.

frida-ios-dump

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: frida-ios-dump is a tool designed for extracting decrypted IPA files from jailbroken iOS devices. The primary use case involves leveraging Frida to automate the process of dumping application binaries, making it particularly useful for security researchers and developers analyzing iOS applications. Notable features include support for both Python 2.x and 3.x, as well as a straightforward command-line interface for initiating the dump process with either the display name or bundle identifier of the target app.

frida-ios-hook

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Frida iOS Hook is a Python-based tool designed for dynamic analysis and function hooking of iOS applications through Frida. Its primary use case involves tracing classes and functions, modifying method return values, and providing a suite of commands for process manipulation, memory dumping, and API interception. Notable features include support for both spawn and attach modes, an interactive CLI, and extensive options for script execution and device management.

Frida-Labs

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Frida-Labs is a repository designed to facilitate learning Frida for Android through a series of structured challenges, ranging from basic setup to intermediate-level tasks. The primary use case is to help users grasp the fundamentals of using Frida by engaging with practical scenarios that involve hooking methods, changing variable values, and native function invocation. Notable features include a variety of challenges, organized solutions, and an emphasis on understanding Frida scripts, making it an ideal starting point for beginners.

frida-scripts

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The frida-scripts repository provides a collection of instrumentation scripts designed for reverse engineering applications on iOS, Android, and Linux platforms using the Frida tool. Key features include full-featured tracers and enumerators for Objective-C, Java, and Linux binaries, enabling deep analysis and manipulation of app behaviors. The scripts may require customization and are suitable for advanced users involved in mobile and software security research.

README

frida-scripts

A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps and more.

fridare

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fridare is an automation tool for modifying the Frida server on iOS, Android, Linux, and Windows platforms, designed to enhance security and flexibility by allowing users to change server names and ports while bypassing jailbreak detection. The tool features a dual-mode interface, offering both a robust command line and a modern graphical user interface (GUI) based on the Fyne framework, facilitating intuitive server modifications and visual feedback. Notable functionalities include cross-platform support, binary replacement, custom packaging, and dependency management, making it a comprehensive solution for Frida users across different environments.

GalaxyBudsClient

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GalaxyBudsClient is an unofficial management tool for Samsung Galaxy Buds, providing users with enhanced control and configuration options via a desktop interface across Windows, macOS, Linux, and Android. Notable features include detailed battery statistics, customizable touch actions, diagnostics and self-tests, and the ability to flash or downgrade firmware, unlocking the full potential of Galaxy Buds devices.

README

English | 中文(简体) | 中文(繁體) | Русский | 日本語 | Українська | 한국어 | Česky | Türkçe | Ελληνικά | Português | Tiếng Việt
_{Attention: readme files are maintained by translators and may become outdated from time to time. For the newest info rely on the English version.}

game-hacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Ultimate Game Hacking Resource” repository is a comprehensive compilation of tools and tutorials designed for the reverse engineering of video games. It provides a variety of game hacking tools such as disassemblers, debuggers, and memory scanners, while also serving as a knowledge base for related methodologies and practices. Notably, it continuously updates its resource list, welcoming community contributions to enhance its offerings.

README

This repo is sponsored by GuidedHacking.com!

The Ultimate Game Hacking Resource

A curated list of tools, tutorials, and much more for reverse engineering video games!

game-reversing

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “kovidomi/game-reversing” repository offers a curated collection of learning materials aimed at facilitating the reverse engineering of video games, particularly for those targeting PC games on the Windows platform using x86 assembly language. It emphasizes essential tools and skills, including Cheat Engine, IDA, and Ghidra, while providing a structured learning pathway that covers foundational knowledge in computing, game programming, and Windows internals. Noteworthy features include a focus on practical resources and a directive to understanding specific game engines, useful for effective reverse engineering.

GameTracking-CS2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GameTracking-CS2 is a tool designed to automate the tracking of in-game statistics and events for Counter-Strike 2, thereby reducing the manual effort involved in monitoring gameplay data. It provides seamless integration with existing GameTracking functionalities, allowing users to monitor game performance effortlessly. Notable features include real-time tracking capabilities and community support through its Discord channel.

README

Game Tracker: Counter-Strike 2

Tracking things, so you don’t have to.

See readme in main GameTracking repository for more information on how files are tracked.

GameTracking-Dota2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GameTracking-Dota2 is a tool designed to automate the tracking of in-game statistics and player performance in Dota 2. Its primary use case is to relieve players of the manual effort involved in monitoring game data, providing streamlined insights into gameplay trends. Notable features include integration with a broader GameTracking ecosystem and community support via Discord.

README

Game Tracker: Dota 2

Tracking things, so you don’t have to.

See readme in main GameTracking repository for more information on how files are tracked.

GARbro

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GARbro is a resource browser designed for Visual Novels, enabling users to browse and extract content from various archive formats. The tool supports a wide range of file types, allows file extraction and conversion to common formats, and provides a user-friendly interface with customizable hotkeys for efficient navigation and operation within file archives. Notably, it offers features for handling encrypted archives and manual file type assignment.

README

GARbro

Visual Novels resource browser.

GDA-android-reversing-Tool

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GDA (GJoy Dex Analyzer) is a powerful Dalvik bytecode decompiler designed for fast analysis of APK, DEX, ODEX, OAT, JAR, CLASS, and AAR files, with minimal memory and disk consumption. It features advanced capabilities including malicious behavior detection, vulnerability scanning, path solving, and deobfuscation, as well as various utilities for interactive operation and assisted analysis. GDA operates natively without requiring a Java VM, making it suitable for use on various Windows systems and virtual machines.

geacon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Geacon is a tool designed for implementing CobaltStrike’s Beacon using Go, primarily aimed at protocol analysis and reverse engineering. It supports CobaltStrike 4.1 and includes functionalities such as command execution, file upload/download, and directory navigation. The tool emphasizes learning and experimentation, with a strong caution against illegal use.

README

Geacon

Using Go to implement CobaltStrike’s Beacon

This project is for learning protocol analysis and reverse engineering only, if someone’s rights have been violated, please contact me to remove the project, and the last DO NOT USE IT ILLEGALLY

Gemini-API

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Gemini-API is an asynchronous Python wrapper for the Google Gemini web application, designed for generating and editing content through natural language queries. Key features include persistent cookie management, image generation capabilities, customization via system prompts and extensions, support for streaming output, and the ability to classify various types of responses. The tool is built on asyncio, ensuring efficient execution for always-on services and complex interactions.

README

Gepetto

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Gepetto is a Python plugin designed for integration with IDA Pro (≥ 7.6) that utilizes large language models to analyze and enhance decompiled functions. Its primary use case includes providing detailed explanations of function behavior and automatically renaming variables for clarity. Notable features include support for multiple AI models, including those from OpenAI, Google, and Azure, along with an easy installation process via the Hex-Rays CLI tool.

README

Gepetto

Gepetto is a Python plugin which uses various large language models to provide meaning to functions decompiled by IDA Pro (≥ 7.6). It can leverage them to explain what a function does, and to automatically rename its variables. Here is a simple example of what results it can provide in mere seconds:

go-whatsapp

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The go-whatsapp package offers a Go interface for interacting with the WhatsApp Web API, enabling developers to integrate WhatsApp functionalities in their applications. Its primary use case is to facilitate the sending and receiving of messages, management of user sessions, and handling various types of media messages through a websocket connection. Notable features include session restoration, customizable message handlers for different message types, and the ability to send contact information in the vCard format; however, the package is not actively maintained and may soon become obsolete due to WhatsApp’s evolving architecture.

goblin

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: libgoblin is a versatile Rust library for binary parsing, loading, and analysis, supporting multiple formats including ELF, Mach-O, and PE across both 32-bit and 64-bit architectures. Its notable features include zero-copy parsing, cross-platform capabilities, endian-awareness, and extensive configurability, allowing users to adapt it to various binary analysis tasks while maintaining a lightweight and efficient footprint. The library is designed for use cases ranging from compiler development to binary analysis tools, making it a comprehensive solution for developers working with binary data.

gpt4free

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GPT4Free (g4f) is a robust tool designed to streamline interactions with various accessible Large Language Models (LLMs) and media-generation models by providing a unified interface across multiple providers. It features local GUI support, OpenAI-compatible REST APIs, and clients in both Python and JavaScript, enhancing flexibility and ease of use for developers. Notably, it is community-driven, allowing customization and contribution to improve the platform further.

README

GPT4Free (g4f)

hacking-online-games

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “hacking-online-games” repository serves as a comprehensive compilation of tutorials and resources focused on hacking online games, including techniques for reverse engineering game clients and decrypting network protocols. It emphasizes the community-driven aspect of sharing knowledge and resources, inviting contributions and updates from users. Notably, it includes links to articles, presentations, and discussions that provide insights into various methods and legal considerations related to game hacking.

README

This repo is sponsored by GuidedHacking.com!

The Ultimate Online Game Hacking Resource

A curated list of tutorials/resources for hacking online games!

Hacking-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Hacking-Tools is a curated collection of penetration testing and ethical hacking utilities, including essential tools from Kali Linux. It is organized into categories such as information gathering, vulnerability analysis, and exploitation tools, facilitating easy navigation and use. Notable features include a featured tool, BugBoard, designed to automate vulnerability detection for bug bounty hunters and security researchers.

README

Hacking-Tools

A curated list of penetration testing and ethical hacking tools, organized by category. This collection includes Kali Linux tools and other notable utilities.

Hacking-Windows

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Hacking Windows is a comprehensive resource that provides insights into reverse engineering and hacking techniques specifically for Windows applications using Assembly language. It includes practical examples, tutorials, and chapters dedicated to debugging and analyzing various Windows API functions in both x86 and x64 architectures. Notable features include accessible self-study material, a free downloadable book, and hands-on exercises focused on real-world programming scenarios.

README

FREE Reverse Engineering Self-Study Course HERE

Hacking Windows

The book and code repo for the FREE Hacking Windows book by Kevin Thomas.

hal

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HAL is a sophisticated framework designed for netlist reverse engineering and manipulation, allowing users to parse and analyze netlists from various hardware sources, such as FPGAs and ASICs, into a graph-based representation. Key features include high performance through an optimized C++ core, flexibility via Python bindings, a modular plugin system for extended functionality, and a rich GUI for visual inspection and interactive analysis. The tool aims to serve as a common baseline for researchers and analysts in the field of hardware reverse engineering, facilitating reproducibility and efficiency in research efforts.

hermes-dec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: hermes-dec is a reverse-engineering tool designed for disassembling and decompiling React Native applications that utilize the Hermes VM bytecode (HBC) format. Its primary use case is to transform Hermes bytecode files into human-readable formats, enabling analysis and understanding of the JavaScript code within mobile apps. Notable features include the ability to parse Hermes file headers, disassemble bytecode into intermediate representations, and decompile bytecode into pseudo-code, facilitating the examination of React Native applications.

HexWalk

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HexWalk is a cross-platform hex editor, viewer, and analyzer that facilitates in-depth binary file examination. Its primary use case is for advanced binary analysis, featuring capabilities such as advanced pattern searching, entropy analysis, disassembly for multiple architectures, and integration with Binwalk for firmware analysis. Notable features include a hash calculator, byte pattern recognition for header parsing, and a comprehensive diff analysis tool, making it suitable for security researchers and developers working with binary data.

HookCase

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HookCase is a powerful debugging and reverse engineering tool for macOS that enhances the capabilities of Apple’s DYLD_INSERT_LIBRARIES. It allows users to hook methods in any module, including non-exported functions, and can target both parent and child processes simultaneously. Key features include support for watchpoints and the ability to bypass Apple’s restrictions on DYLD_INSERT_LIBRARIES, making it suitable for working with applications that have entitlements.

README

HookCase

HookCase is a tool for debugging and reverse engineering applications on macOS (aka OS X), and the operating system itself. It re-implements and extends Apple’s DYLD_INSERT_LIBRARIES functionality. It can be used to hook any method in any module (even non-exported ones, and even those that don’t have an entry in their own module’s symbol table). In a single operation, it can be applied to a parent process and all its child processes, whether or not the child processes inherit their parent’s environment. It supports watchpoints. So HookCase is considerably more powerful than DYLD_INSERT_LIBRARIES. It also doesn’t have the restrictions Apple has placed on DYLD_INSERT_LIBRARIES. So, for example, HookCase can be used with applications that have entitlements. HookCase runs on OS X 10.9 (Mavericks) through macOS 26 (Tahoe).

hrtng

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The hrtng IDA plugin provides a suite of tools designed to enhance the reverse engineering process within the IDA Pro environment, specifically leveraging the Hex-Rays decompiler. Its notable features include automation of variable renaming, interactive pseudocode transformations, various decryption capabilities, and assistance with obfuscated code analysis, all aimed at improving the efficiency and accuracy of binary analysis tasks. The plugin integrates seamlessly into IDA’s existing functionality, offering a structured approach to handling complex code scenarios.

HyperDbg

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HyperDbg is an open-source, hypervisor-assisted debugger designed for advanced analysis, fuzzing, and reversing of Windows applications at both user and kernel levels. It leverages modern hardware features like Intel VT-x and EPT, enabling stealthy operation that resists detection by classic anti-debugging techniques, while offering unique capabilities such as hidden hooks and code coverage measurement. This tool is tailored for users with deep low-level system knowledge, providing full control over the operating system for intricate debugging tasks.

iaito

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Iaitō is a GUI application developed in Qt and C++ that serves as a frontend for the radare2 reverse engineering framework, specifically targeting users who are not familiar with command-line interfaces. The tool is designed to lower the barrier of entry for new users by providing a more accessible interface, although it is currently in an alpha state and primarily intended for developers. Notable features include cross-platform support for OS X, Linux, and Windows, along with installation requirements for radare2 and Qt.

ida-pro-mcp

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The IDA Pro MCP is a simple MCP server designed to facilitate vibe reversing in IDA Pro, allowing users to interact with supported MCP clients for enhanced reverse engineering tasks. Key features include installation support via pip, configuration for various MCP clients, and guidance on prompt engineering to optimize interactions with large language models during the analysis process. This tool is particularly beneficial for users looking to streamline the reverse engineering process using advanced AI techniques in conjunction with traditional analysis tools.

idacode

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: IDACode is a Visual Studio Code extension designed to facilitate the execution and debugging of Python scripts within the IDA Pro environment. Notable features include quick script execution, seamless integration with the Python debugger via debugpy, and the ability to run scripts without modifications directly from IDA. The tool supports features like “Execute on save” for automatic script execution and has been tested for compatibility with IDA versions 8.4/9.0 and Python 3.12 on both Windows and macOS.

Il2CppDumper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Il2CppDumper is a reverse engineering tool specifically designed for Unity games that utilize the il2cpp scripting backend, allowing users to extract and analyze game assets such as MonoBehaviour and MonoScript. It supports a variety of binary formats (ELF, Mach-O, PE, etc.) and versions of Unity (5.3 to 2022.2), while also generating scripts compatible with analysis tools like IDA, Ghidra, and Binary Ninja to facilitate in-depth examination of il2cpp files. Notably, it offers functionalities for bypassing simple protections and generating comprehensive DLL restorations and structure header files.

imessage-exporter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The imessage-exporter is a versatile tool for exporting, managing, and diagnosing iMessage data, providing both library and binary functionalities. It facilitates the saving and archiving of message history, including multimedia content, into open formats, while also supporting migration and compliance with data retention policies. Notable features include cross-platform support, extensive compatibility with iMessage functionalities, and diagnostic tools to ensure the integrity of the iMessage database.

README

imessage-exporter

This crate provides both a library to interact with iMessage data as well as a binary that can perform some useful read-only operations using that data. The aim of this project is to provide the most comprehensive and accurate representation of iMessage data available.

Infosec_Reference

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The InfoSec Reference project serves as a comprehensive resource for individuals seeking to enhance their understanding of Information Security, offering a curated list of techniques, tools, and tactics. Its primary use case revolves around providing a “Yellow Pages” style reference for users to browse and learn about various aspects of infosec, helping them build skills and recall pertinent information. Notably, it encourages community contributions and maintains regular updates, while emphasizing a commitment to ethical practices in cybersecurity.

IPAPatch

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: IPAPatch is a tool designed for patching iOS applications without the need for jailbreaking, enabling developers to inject custom code into third-party IPA files. Key features include the ability to debug applications using lldb, link external frameworks seamlessly, and generate modified distributable IPA files, allowing easy sharing of customized applications. This tool is particularly useful for developers looking to manipulate app behavior or integrate additional functionality within existing iOS apps.

jadx-ai-mcp

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: JADX-AI-MCP is a fully automated server and plugin designed for analyzing Android APK files via large language models (LLMs) such as Claude, enabling efficient vulnerability discovery, APK analysis, and reverse engineering. Key features include seamless MCC communication and integration with powerful LLMs to enhance static analysis and security assessments within the Android development ecosystem.

README

JADX-AI-MCP (Part of Zin MCP Suite)

⚡ Fully automated MCP server + JADX plugin built to communicate with LLM through MCP to analyze Android APKs using LLMs like Claude — uncover vulnerabilities, analyze APK, and reverse engineer effortlessly.

jak-project

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Jak Project is a tool designed to port the original Jak and Daxter trilogy from PS2 to PC by decompiling the game’s custom LISP language, GOAL, into a human-readable format. It features the development of a custom GOAL compiler for x86-64 architecture, along with tools to extract and modify game assets, ensuring high performance and compatibility with the original game’s mechanics, including live code modification during runtime. Users must have a legally obtained copy of the game, as the project does not include game assets.

JByteMod-Beta

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: JByteMod-Beta is a multifunctional bytecode editor designed for manipulating Java bytecode with features such as syntax highlighting, live decompiling, and method graphing. Its primary use case is for developers seeking to analyze and edit Java .jar or .class files efficiently. Notable features include a plugin architecture for extending functionality, integration with popular decompilers like Procyon and Fernflower, and a user-friendly command-line interface.

README

JByteMod-Beta

JByteMod is a multifunctional bytecode editor with syntax highlighting and live decompiling and method graphing. The successor of JByteMod: https://github.com/GraxCode/Cafebabe

jnitrace

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: jnitrace is a dynamic analysis tool designed to trace the usage of the JNI API in Android applications, leveraging the Frida framework for real-time monitoring. It simplifies the tracking of native library interactions, offering features such as customizable filtering options for method tracing, backtrace configuration, and the ability to save output in JSON format for further analysis. This tool enhances the reverse engineering process, making it more efficient by reducing the manual effort required to analyze JNI calls.

keypatch

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Keypatch is a plugin for IDA Pro that integrates the Keystone Assembler Engine, providing enhancements for binary patching during reverse engineering tasks. It features a Patcher for direct assembly input, a Fill Range tool, and a Search utility to locate assembly instructions within binaries. With support for multiple architectures and platforms, an event-driven UI for automated updates, and user-friendly options like automatic comments and undo functionality, Keypatch addresses the limitations of IDA’s built-in assembler while streamlining the reverse engineering process.

keystone

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Keystone is a lightweight and versatile multi-platform assembler framework supporting various architectures including Arm, RISC-V, and X86, among others. It features a clean architecture-neutral API, is thread-safe, and provides bindings for multiple programming languages, making it an ideal tool for developers needing assembly capabilities across different environments. Built on LLVM, Keystone enhances functionality and offers open-source licensing options suitable for both personal and commercial use.

README

Keystone Engine

KsDumper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: KsDumper is a kernel driver-based tool that enables the dumping of process memory for both x86 and x64 applications, particularly those protected by anti-cheat mechanisms such as EasyAntiCheat. It allows users to bypass restrictions on handle access by directly interfacing with the Windows kernel, facilitating the analysis of packed and protected game internals. Notable features include the ability to rebuild PE32/PE64 headers and sections, although it does not reconstruct the import table, making it primarily suited for reverse engineering and educational purposes.

ksm

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: KSM is a lightweight x64 hypervisor designed for Intel processors that functions primarily as an extra layer of protection for existing operating systems, rather than running other OS instances. Notable features include a self-contained physical memory introspection engine, userspace physical memory virtualization, IDT shadowing, and experimental support for nesting and APIC virtualization. It is compatible with both Windows and Linux kernels, making it suitable for security applications such as anti-virus and sandboxing.

LADX-Disassembly

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: LADX-Disassembly is a comprehensive disassembly project for the Game Boy Color game “The Legend of Zelda: Link’s Awakening DX,” enabling developers to build multiple ROM versions in various languages (Japanese, English, German, French) along with their debug symbols. It features tools and documentation for reverse engineering the game engine and understanding data formats, providing a wiki for navigation and contributions. The project also invites community participation to improve its code and documentation.

lamda

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FIRERPA is an advanced Android automation framework designed for on-device operations, providing a comprehensive suite of over 160 APIs for device management, UI automation, and diagnostics. Its primary use case is to enable lightweight, efficient automation for both physical and virtual Android devices, integrating AI-driven capabilities with robust remote desktop services. Notable features include built-in ADB/SSH/SCP support, extensive logging, encrypted scripting, and seamless deployment across a range of Android versions without complex configuration requirements.

lazy_importer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: lazy_importer is a C++ library designed to obfuscate API calls, enhancing the difficulty of reverse engineering software by ensuring that no identifiable strings or import declarations remain in memory or the executable. Key features include inlining capabilities, zero memory allocation, randomized function hashes for each compilation, and the ability to call functions without leaving a trace in data sections. This tool is particularly valuable for developers aiming to protect their software from static analysis and reverse engineering techniques.

learning-reverse-engineering

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Learning Reverse Engineering repository provides a collection of programs aimed at enhancing skills in reverse engineering and malware analysis. It organizes content by specific concepts related to reverse engineering, delivers both source code and compiled binaries, and includes links to supplementary online courses and video playlists. Notable features include guidance on using various tools like Ghidra and IDA Pro, as well as instructions for compiling the source code with Microsoft’s C/C++ compiler.

librw

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: librw is a cross-platform library designed to re-implement parts of RenderWare graphics, facilitating rendering and file format conversion across various platforms. It supports DFF and TXD file formats for PS2, D3D8, D3D9, and Xbox, with rendering capabilities via D3D9 and OpenGL backends, while being particularly useful for rendering within projects like GTA. Notable features include adaptable file format support, backend rendering versatility, and ongoing compatibility for multiple platforms.

lighthouse

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Lighthouse is an advanced code coverage explorer plugin designed for IDA Pro and Binary Ninja, aimed at software researchers examining execution maps of native applications without the need for symbols or source code. It features interactive controls for coverage painting across multiple views, customizable coverage formats, and a comprehensive overview widget that enhances analysis capabilities. The tool has garnered recognition within the security research community, placing in IDA’s 2017 Plug-In Contest and receiving a nomination for the 2021 Pwnie Awards.

lisa.py

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: lisa.py is a Model-Context Protocol (MCP) integration for LLDB, enabling AI assistants like Claude to interact with debugging sessions through a structured interface. It consists of a server component to handle communication and a plugin for LLDB that exposes debugging functionalities via JSON-RPC, allowing users to execute commands verbally and enhance the debugging experience with natural language processing. Notable features include the capability to create targets, manage breakpoints, control process execution, and evaluate expressions directly from the AI assistant.

lumen

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Lumen is a private server designed to integrate with IDA Pro 7.2 and later versions, enabling users to efficiently manage and retrieve function signatures via its database-backed infrastructure utilizing PostgreSQL. It features an experimental HTTP API for querying by function hash or file, facilitating collaborative reverse engineering workflows. The tool is provisioned with a straightforward setup through Docker and can be used with custom TLS configurations for secure communications.

LunaTranslator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: 视觉小说翻译器 / Visual Novel Translator

视觉小说翻译器 / Visual Novel Translator

makin

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: makin is a malware assessment tool designed to simplify the process of identifying anti-debugging techniques employed by malicious samples. It injects a DLL into the target process to monitor specific API calls, providing insights into debugger detection methods, and can generate IDA Pro scripts for setting breakpoints at the identified APIs. Notable features include the ability to hook various functions from ntdll.dll and kernelbase.dll, effectively revealing complex anti-debugging strategies.

medusa

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Medusa is a modular and interactive disassembler that supports Windows, Linux, and OSX platforms, tailored for analyzing various file formats such as ELF, PE, Mach-O, and GameBoy binaries. It integrates seamlessly with libraries like Boost and Qt5, offering an extensible architecture for disassembly and limited semantic analysis, particularly for specific instruction sets like x86 and GameBoy. Notable features include support for file imports and exports, varying levels of symbol handling, and the ability to work with multiple architectures and binary types.

miasm

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Miasm is an open-source reverse engineering framework primarily designed for the analysis, modification, and generation of binary programs, supporting formats such as PE and ELF for both 32 and 64-bit architectures. Notable features include assembly and disassembly capabilities for various architectures like X86, ARM, and MIPS, intermediate representation for semantic analysis, JIT-based emulation, and advanced techniques for automatic de-obfuscation. The framework facilitates dynamic code analysis, making it an invaluable tool for security researchers and reverse engineers.

Millennium

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Millennium is an open-source low-code framework that enables users to create, manage, and utilize plugins and themes for the desktop Steam Client without complex system interactions. Key features include a TypeScript frontend and Lua backend architecture, the ability to customize themes with JavaScript and CSS, and a curated Plugin Database to ensure version compatibility and stability when enhancing the Steam experience. This framework simplifies modding for users, allowing extensive personalization while avoiding low-level code manipulation.

MonkeyDev

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: MonkeyDev is an enhanced version of iOSOpenDev designed for non-jailbroken iOS plugin development. It allows developers to easily create and inject tweaks using Xcode, offering support for CaptainHook and Logos, as well as providing tools for debugging and patching apps without jailbreaking. Notable features include automatic integration of class-dump, restore-symbol, and Reveal, as well as a private CocoaPods repository for managing non-jailbroken plugins.

README

MonkeyDev

A modified version of iOSOpenDev

mtasa-blue

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Multi Theft Auto: San Andreas (MTA) is an open-source modification that enables multiplayer gameplay for the single-player version of Grand Theft Auto: San Andreas through an advanced game engine framework. It incorporates networking and GUI rendering capabilities while allowing extensive customization via a Lua scripting language, making it possible to create custom game modes and content for multiple players. Notable features include code injection techniques for game manipulation without altering original files, a robust resource management system for asynchronous content delivery, and a collaborative community for development and support.

NETReactorSlayer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NETReactorSlayer is an open-source deobfuscator and unpacker specifically designed for Eziriz .NET Reactor, facilitating the process of reversing obfuscated .NET applications. This tool offers both a graphical user interface (GUI) and a command-line interface (CLI), enabling flexible usage depending on user preference. Notable features include comprehensive documentation, community contributions, and adherence to the GPLv3 license, ensuring wide accessibility and support for developers.

README

.NETReactorSlayer

NETReactorSlayer is an open source (GPLv3) deobfuscator and unpacker for Eziriz .NET Reactor.

ngrev

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ngrev is a graphical tool designed for the reverse engineering of Angular projects, enabling users to navigate application structures and visualize the relationships between modules, providers, and directives through static code analysis, eliminating the need to execute the application. Notable features include support for custom theming, compatibility with Angular’s Ivy compiler, and integration with Angular CLI for streamlined project selection.

README

ngrev

Graphical tool for reverse engineering of Angular projects. It allows you to navigate in the structure of your application and observe the relationship between the different modules, providers, and directives. The tool performs static code analysis which means that you don’t have to run your application in order to use it.

obfuscator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Obfuscator is a native C++23 code obfuscation tool designed to enhance software security by transforming executable code through various methods such as bogus control flow and constant encryption. Its primary use case is to protect applications from decompilation and reverse engineering, making it compatible with popular disassemblers like IDA and Ghidra. Notable features include customizable function and transform configurations, support for both Linux and Windows platforms, and the ability to specify additional debugging information through PDB and MAP files.

obfuscator-io-deobfuscator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Obfuscator.io Deobfuscator is a tool designed to reverse the obfuscation applied by Obfuscator.io, enabling the recovery of original scripts. Its primary use case is to facilitate code analysis and debugging by recovering strings, removing unnecessary code, and simplifying complex structures without executing untrusted code. Notable features include automatic configuration detection, improved readability through control flow restoration, and compatibility with various forks of the original obfuscator.

README

Obfuscator.io Deobfuscator

A deobfuscator for scripts obfuscated by Obfuscator.io

obliteration

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Obliteration is an open-source PlayStation 4 kernel reimplementation in Rust, designed to enable the execution of dumped PlayStation 4 system software on various operating systems, including Windows, Linux, and macOS. Notable features include cross-platform support with native binaries, near-native performance leveraging hypervisor technologies, and a kernel architecture aimed to closely resemble the original PlayStation 4 kernel for enhanced compatibility. Currently, the project is in early development and does not yet support game execution.

ofrak

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OFRAK (Open Firmware Reverse Analysis Konsole) is a comprehensive binary analysis and modification platform designed specifically for embedded firmware and various binary formats. Its notable features include an interactive GUI for detailed exploration, a Python API for scripting reusable analyses, recursive unpacking and repacking capabilities, and integration with advanced reverse engineering tools such as angr and Ghidra, allowing users to effectively identify, analyze, and modify complex firmware.

README

OFRAK

OFRAK (Open Firmware Reverse Analysis Konsole) is a binary analysis and modification platform. OFRAK combines the ability to:

openblack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: openblack is an open-source reimplementation of the classic game “Black & White” (2001), developed using modern C++ and contemporary rendering technologies like OpenGL and Vulkan. This tool primarily serves to allow users to experience the original gameplay while requiring the original game assets for operation. Noteworthy features include pre-built binaries for multiple platforms, including Windows, Linux, and macOS, along with experimental builds for additional architectures and devices.

README

openblack

opendbc

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: opendbc is a Python API designed for interacting with automotive systems, enabling the control of vehicle functions such as steering, gas, and brakes, as well as reading vehicle data like speed and steering angle. Its primary use case is to facilitate the development and integration of advanced driver-assistance systems (ADAS) using the openpilot platform, while also expanding into broader automotive management capabilities. Notable features include support for parsing and building CAN messages via DBC files, a repository of compatible vehicle models, and a structured approach for adding new vehicle support and functionalities.

openhaystack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OpenHaystack is a framework designed for tracking personal Bluetooth devices through Apple’s Find My network, enabling users to create custom tracking tags for various physical objects. It utilizes a macOS application and custom firmware for Bluetooth devices, allowing them to be discoverable by nearby iPhones that can report their location without requiring cellular coverage. Notably, OpenHaystack leverages reverse-engineering and security analysis of Apple’s offline finding features, though it remains experimental and untested.

OpenPods

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OpenPods is a free and open-source Android application designed for monitoring Apple AirPods connectivity and status. It features real-time notifications for connected AirPods, privacy-respecting functionality, and support for a dark theme, while being compatible with multiple generations of AirPods and Beats headphones. The tool explicitly violates Google Play policies, hence it is not intended for distribution on that platform.

README

OpenPods

The Free and Open Source app for monitoring your AirPods on Android

OpenTendo

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Open ‘Tendo is an open-source hardware project that recreates the original 1985 Front-Loading NES motherboard, focusing on documentation and preservation through reverse engineering. The repository provides comprehensive design files, including a bill of materials, schematics, and PCB layouts in KiCad format, while intentionally excluding modern video output improvements like RGB or HDMI. Users are encouraged to utilize the designs for personal projects, manufacturing replacement boards, or for further custom PCB work.

openwifipass

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OpenWifiPass is an open-source implementation of the grantor role in Apple’s Wi-Fi Password Sharing protocol, designed for sharing Wi-Fi credentials (SSID and PSK) using Bluetooth Low Energy on Linux systems like the Raspberry Pi. It serves educational and experimental purposes, featuring a simple command-line interface to initiate the sharing process, although it currently lacks identity verification for requestors, posing security risks when handling sensitive credentials. Notably, the project includes a reusable OPACK (de)serializer for handling packet data, emphasizing its experimental nature and community-driven development.

Osiris

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Osiris is a cross-platform game hacking tool designed for Counter-Strike 2, featuring a graphical user interface based on the game’s Panorama UI. Its primary use case is to enhance gameplay through various functions such as customizable visual indicators for bomb planting and inaccuracy visualizations without relying on traditional C++ runtime libraries or external dependencies. Notable features include customizable color schemes for game elements, enhanced player information rendering, and support for both Windows and Linux compilation.

panda

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PANDA is an open-source platform designed for architecture-neutral dynamic analysis, utilizing the QEMU whole system emulator to provide deep insights into code execution and data handling across various CPU architectures. It features capabilities for recording and replaying executions, allowing for compact and shareable replay logs, and supports a plugin architecture for enhanced code reusability in dynamic taint analysis and other complex analyses. The tool is developed in collaboration with academic institutions and is available as a Docker container as well as a Python interface for flexible integration into analysis workflows.

panopticon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Panopticon is a cross-platform disassembler designed for reverse engineering, capable of disassembling multiple instruction sets including AMD64, x86, AVR, and MOS 6502, as well as opening ELF files. Notable features include a Qt-based GUI for visualizing and annotating control flow graphs, though it has been deprecated with a migration to GitLab and restructuring into multiple crates. Users are encouraged to transition to the new version, Verso, for continued development and support.

papermario

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Paper Mario is an ongoing decompilation project aimed at recreating the original Paper Mario video game for multiple regions including US, JP, PAL, and iQue. The tool generates corresponding ROMs, providing a clear progress tracking system for each version. Notable features include a dedicated setup guide, active community support via Discord, and a public website for monitoring development progress.

README

Paper Mario

This is a work-in-progress decompilation of Paper Mario.

patching

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Patching is a plugin for IDA Pro designed for interactive binary patching, aimed at enhancing the efficiency of malware analysis and software reverse engineering. It supports x86/x64 and Arm/Arm64 architectures, allowing users to edit assembly instructions in real-time, with visual feedback on the impact of their changes. Notable features include a context menu for quick patch actions, an intuitive assembly editing dialog, and the ability to NOP instructions or force conditional jumps swiftly.

pbtk

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pbtk is a Protobuf toolkit designed to aid in the reverse engineering of applications utilizing the Protobuf serialization format. It features a unified GUI that enables users to extract Protobuf data structures from various implementations, including Android and web applications, and provides capabilities for editing, replaying, and fuzzing Protobuf messages sent to network endpoints. Notable features include comprehensive support for multiple Java runtimes and binary formats, along with a user-friendly interface that streamlines the manipulation of Protobuf messages.

PDBRipper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PDBRipper is a utility designed for extracting information from PDB (Program Database) files, primarily used in software development and reverse engineering. Notable features include a graphical user interface and console mode for flexibility, as well as support for building on Windows using Visual Studio and Qt. The tool facilitates in-depth analysis and manipulation of debugging information contained within PDB files.

README

PDBRipper

PDBRipper is an utility for extract an information from PDB-files.

php-spx

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SPX (Simple Profiling eXtension) is a lightweight PHP profiling tool designed to enhance performance analysis without external dependencies, ensuring data privacy on user infrastructure. It offers seamless profiling activation, requiring minimal setup, and supports multiple metrics like execution time, memory usage, and object tracking. Its integrated web UI enables interactive visualizations, including timelines and Flamegraphs, to facilitate detailed performance insights and troubleshooting.

README

SPX - A simple profiler for PHP

pikachu-volleyball

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pikachu Volleyball is a reimplementation of a classic 1997 Windows game, now developed in JavaScript for web play. Its primary use case is to provide a nostalgic gaming experience by enabling users to play volleyball with Pikachu characters while utilizing a physics engine and AI derived from reverse-engineered original machine code. Notable features include a customizable local server setup for gameplay and an extended AI vs. AI match time, allowing for continuous observation of the computer-controlled players.

PINCE

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PINCE is a front-end tool for the GNU Project Debugger (GDB) tailored for reverse engineering, particularly in gaming contexts. Its noteworthy features include efficient memory and pointer scanning using specialized libraries, background execution for concurrent command execution, and extensive variable inspection and modification capabilities, resembling those of Cheat Engine. Additionally, PINCE supports dynamic address tables, smart casting of data types, and comprehensive disassembly functionalities, enabling users to analyze and manipulate memory with precision.

plasma

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PLASMA is an interactive disassembler that converts binary code into more readable assembly language with syntax highlighting, supporting architectures such as x86_64, ARM, and MIPS, along with ELF and PE formats. Its notable features include a Python API for scripting capabilities, allowing users to perform tasks like pseudo-decompilation, flow graph manipulation, and code assembly. The tool is currently under development and offers additional functionality through optional libraries for enhanced features.

pokecrystal

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Pokémon Crystal repository consists of a comprehensive disassembly of the Pokémon Crystal game, designed to facilitate the building of various ROM versions. Primary use cases include reverse engineering, modding, and development of patches for the game, supported by resources such as documentation and tutorials. Notable features include the ability to produce different ROM versions and access to a community-driven platform for additional support and collaboration.

README

Pokémon Crystal

This is a disassembly of Pokémon Crystal.

pokeemerald

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pokémon Emerald is a decompilation project that allows users to build the ROM file for the Pokémon Emerald game. Its primary use case is for developers and enthusiasts looking to analyze, modify, or enhance the original game code. Notable features include the ability to reconstruct the game’s ROM and support for custom modifications.

README

Pokémon Emerald

This is a decompilation of Pokémon Emerald.

It builds the following ROM:

pokefirered

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Pokémon FireRed and LeafGreen repository provides a comprehensive decompilation of the popular Pokémon games, enabling users to create various ROM images of FireRed and LeafGreen. Its primary use case is for game developers and modders looking to analyze, modify, or enhance the original games. Notable features include the generation of multiple ROM versions, including revisions and switch-compatible formats, along with detailed SHA1 checksums for verification.

README

Pokémon FireRed and LeafGreen

This is a decompilation of English Pokémon FireRed and LeafGreen.

pokered

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Pokémon Red and Blue repository provides a disassembly of the original Pokémon games, allowing users to rebuild the ROMs for both Pokémon Red and Blue, along with additional debug versions and patches. Its primary use case is for developers and enthusiasts looking to study, modify, or enhance the original game code, supported by extensive documentation and tutorials through its Wiki. Notable features include automated builds and a structured community for collaboration on Discord.

pokeruby

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pokémon Ruby and Sapphire is a comprehensive disassembly of the Game Boy Advance titles Pokémon Ruby and Sapphire, enabling developers to understand and modify the game’s code. The primary use case focuses on ROM development and enhancement, allowing users to compile the original game files, pokeruby.gba and pokesapphire.gba. Notable features include built-in support for building ROMs, making it an essential tool for enthusiasts involved in Pokémon game development and reverse engineering.

pokeyellow

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pokémon Yellow is a disassembly repository for the classic Game Boy Color game, allowing users to build various ROMs, including the standard Pokémon Yellow and a debug version named YELLMONS.GB. The tool provides comprehensive documentation, symbol information, and assembly tools to facilitate modifications and development for enthusiasts. Notable features include the ability to generate different ROM formats and a supportive community for collaborative development and troubleshooting.

README

Pokémon Yellow

This is a disassembly of Pokémon Yellow.

project-restoration

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Project Restoration is a patch for Majora’s Mask 3D that reintroduces mechanics from the original game while resolving gameplay issues to enhance player experience. Notable features include an improved swimming mechanic for Zora Link, adjustments to the Inverted Song of Time’s effect, and modifications to the Twinmold battle for clarity and pacing. The project aims to blend the best aspects of the original game with the enhanced graphics of the remaster, ensuring a polished gameplay experience without game-breaking issues.

protobuf-inspector

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: protobuf-inspector is a command-line tool designed to parse Google Protobuf encoded blobs (versions 2 and 3) without requiring their corresponding definitions. It outputs a structured representation of the blob’s content, including inferred types and potential parsing errors, making it useful for developers working with Protobuf data or engaging in reverse-engineering tasks. Notable features include the ability to detect structure dynamically, handle embedded messages, and support raw data extraction for in-depth analysis.

PS2Recomp

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PS2Recomp is an experimental static recompiler for PlayStation 2 ELF binaries that translates MIPS R5900 instructions into C++ code. Its primary use case involves recompiling and executing PS2 games while allowing configuration for stubs, skips, and instruction patches. Notable features include customizable syscall handling, support for PS2-specific macros, and integration with Ghidra for efficient function export and mapping.

README

PS2Recomp: PlayStation 2 Static Recompiler (Experimental)

Also check our WIKI

pwndbg

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pwndbg is a Python module designed as a plugin for GDB and LLDB, enhancing the debugging experience for developers working on low-level software, reverse engineering, and exploit development. Its primary use case is to streamline common debugging tasks by providing user-friendly features and a suite of utilities that address the shortcomings of vanilla GDB and LLDB. Notable features include an improved hexdump command, a clean interface for quick navigation, and a range of custom tools to facilitate debugging across different platforms and architectures.

PyArmor-Unpacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PyArmor-Unpacker is a tool designed to unpack Python applications protected by PyArmor, specifically targeting versions prior to v8. The tool offers three methods for unpacking, with the preferred method being suitable for Python 3.9, allowing users to retrieve the original code from obfuscated .pyc files. Notable features include a detailed usage guide, support for multiple unpacking methods, and an emphasis on community contributions to address known issues and enhance functionality.

pyinstxtractor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PyInstaller Extractor is a Python script designed to extract the contents of executables created with PyInstaller, including fixed headers for bytecode decompilation. It supports a wide range of PyInstaller versions and can handle both Windows and Linux binaries, enabling users to recover files from packaged applications efficiently. Notable features include seamless integration with Python 2.x and 3.x environments, as well as compatibility with various bytecode decompilers for further analysis.

pylingual

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PyLingual is a Python bytecode decompiler specifically designed for versions 3.6 and later, allowing users to convert Python bytecode back into source code. Notable features include the ability to run locally or through a web service, support for different Python versions via pyenv, and adjustable options for decompilation settings, such as output directory and segmentation preferences. This tool is optimized for readability and extensibility, though it may initially exhibit some control flow accuracy regressions compared to its web service counterpart.

pypush

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pypush is an evolving library designed for interfacing with Apple’s internal API, specifically focusing on the client side of the Apple Push Notification service (APNs). Its primary use case is to enable applications to impersonate Apple devices and receive push notifications while facilitating reverse-engineering efforts related to iMessage and other APIs. Notable features include platform independence and a planned expansion to include a wider range of Apple’s API functionalities as development progresses.

QBDI

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: QBDI is a modular dynamic binary instrumentation (DBI) framework designed for cross-platform and cross-architecture use, supporting various operating systems including Linux, macOS, Android, iOS, and Windows. It provides C/C++ APIs along with Python and JavaScript bindings, facilitating scripting while integrating seamlessly with external injection tools like Frida. Notable features include the ability to instrument binaries without a preferred injection method and an LD_PRELOAD-based injector for dynamic executables on Linux and macOS, although it currently does not support multithreading or C++ exception handling.

QP-Gallery-Releases

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: QuickPic Gallery Mod is a modernized version of the classic QuickPic Gallery application, designed for Android platforms with API level 23 and above. This tool emphasizes speed, stability, and simplicity, featuring multiple bug fixes, enhanced compatibility with recent Android versions, and a refreshed Material 3 design while maintaining its lightweight and offline-first experience.

README

QuickPic Gallery Mod

A modernized version of the classic QuickPic Gallery, focused on speed, stability, and simplicity. It includes multiple bug fixes, improved compatibility with recent Android versions, and a refreshed Material 3 design — while preserving the lightweight, fast, and offline-first experience of the original app.

radare2-book

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The r2book is a collaboratively maintained documentation resource for the Radare2 reverse engineering framework, serving as an updated version of the original radare1 book. Its primary use case is to provide users with comprehensive information and guidance on utilizing Radare2 effectively, while notable features include community contributions for continuous content improvement and online accessibility.

README

r2book

This book is an updated version maintained by the community of the original radare1 book written by pancake.

readpe

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: readpe is a comprehensive command line toolkit designed for the analysis and manipulation of PE (Portable Executable) binaries across multiple platforms. Its primary use case involves providing developers and security analysts with tools to inspect, modify, and understand the structure of PE files. Notable features include easy installation and building on various operating systems, as well as its background as a successor to the original pev tool, with enhanced functionality integrated into a single repository.

ReC98

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ReC98 is a reverse-engineering project that aims to reconstruct the source code of the first five Touhou Project games originally released for the NEC PC-9801 system. It allows for perfect replications of the original binaries, thus maintaining the integrity of the source while enabling modding and porting efforts by providing a comprehensible codebase. Notable features include the preservation of the original game’s mechanics, position independence, and support for community modifications.

Recaf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Recaf is a modern Java bytecode editor designed to simplify the editing and manipulation of Java and Android bytecode by abstracting complex details. Key features include a user-friendly interface, support for multiple decompilers, built-in bytecode compiling and assembling, advanced search capabilities, and tools for code deobfuscation. Additionally, it allows users to script and extend functionality through plugins, and can operate as a command line application for automated processes.

REDasm

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: REDasm is a cross-platform disassembler designed for both hobbyists and professional reverse engineers, featuring a modern codebase and a user-friendly Qt frontend. It supports C++ and Python 3 plugins, multithreaded analysis, and various binary formats including Portable Executable and ELF, while providing capabilities like binary lifting and intermediate language analysis. The underlying architecture, driven by LibREDasm, allows for extensive customization and the addition of new languages.

README

Features | Compile | Reddit | Twitter | Telegram

REDasm is a cross platform disassembler with a modern codebase useful from the hobbyist to the professional reverse engineer.
All features are provided by LibREDasm which loads plugins developed in C, C++ and Python3 (you can also support new languages if you want!) and an user friendly Qt frontend.
LibREDasm also provides a plain C API for maximum ABI compatibility along with a C++17 core.

Tested on Windows and Linux.

REDRIVER2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: REDRIVER2 is a reverse-engineered reimplementation of the original game, translating MIPS code back to C without emulation, and significantly enhancing it beyond the original PlayStation version. The tool supports modding with replacement of textures and models, runs on multiple platforms including Windows and Linux, and integrates a custom porting layer based on the Psy-X emulator. It utilizes advanced reverse engineering methods, including debugging symbols and semi-automatic decompilation techniques to achieve a fully playable game experience.

reFlutter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: reFlutter is a framework designed for the reverse engineering of Flutter applications by utilizing a modified version of the Flutter library, enabling dynamic analysis and convenient app repacking. Notable features include traffic monitoring and interception capabilities through a patched socket.cc, modifications to display code structure information, and support for manual code changes via a custom Dockerfile. This tool allows users to bypass certain certificate pinning implementations and does not require root access for Android devices, streamlining the app analysis process.

reko

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Reko is a general-purpose decompiler designed to analyze machine code binaries. It supports various processor architectures and executable formats, providing users with command-line, Windows GUI, and ASP.NET front ends for inputting individual binaries or project files. Notable features include a core decompiler engine that facilitates minimal user intervention during decompilation and extensive support for different file formats, all maintained under the GNU General Public License.

README

reko - a general purpose decompiler.

Reloaded-II

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Reloaded II is a universal mod loader and mod management framework developed in C#, designed for use with x86 and x64 native games. Its primary use case is enabling DLL injection for modding capabilities, offering a comprehensive toolkit for modding various games. Notable features include full open-source access and a focus on extensibility for user-contributed enhancements and documentation.

README

Reloaded II

Nothing else matters.
Universal, C# based mod loader.
Works with anything X86, X64.

Introduction

[Reloaded II] is a universal DLL injection based Mod Loader and Mod Management Framework.

ret-sync

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ret-sync is a synchronization tool designed for reverse engineering, enabling the integration of various debugging environments (WinDbg, GDB, LLDB, etc.) with static analysis disassemblers (IDA, Ghidra, Binary Ninja). Its primary use case is to facilitate a seamless analysis workflow by synchronizing debugger states with disassembler views, allowing for real-time insights during dynamic analysis while providing the broader context from static analysis. Notable features include on-the-fly address rebasing, support for multiple simultaneous sessions across different systems, and the ability to pass contextual information between debug and disassembly tools.

retoolkit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Retoolkit is a comprehensive suite designed for reverse engineering and malware analysis on x86 and x64 Windows systems, providing users with an easy setup of essential tools. Notable features include a pre-configured environment for popular applications such as x64dbg, streamlined access via desktop shortcuts or context menus, and support for command-line operations from any directory. This toolkit is particularly advantageous for quickly establishing a new analysis virtual machine.

retrowrite

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Retrowrite is a static binary rewriter designed for x64 and aarch64 architectures, enabling the insertion of instrumentation into binaries without the need for source code, thereby supporting use cases in fuzzing and sanitization. The tool employs the symbolization technique to ensure zero overhead during binary rewriting and includes features such as AFL-coverage and ASan instrumentation, along with a variant (KRetrowrite) specifically for rewriting Linux kernel modules. Different algorithms and supported features are available for the x64 and arm64 versions, accommodating various binary types and compiler specifications.

revanced-patcher

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ReVanced Patcher is a comprehensive library designed for patching Android applications, facilitating the modification of Dalvik VM bytecode and APK resources. It serves as the foundational component for other ReVanced tools such as ReVanced Manager and ReVanced CLI, enabling users to create customized patches through an extensive patch repository. Notable features include the ability to disassemble and reassemble Dalvik bytecode, along with resource decoding capabilities.

README

Continuing the legacy of Vanced

revanced-patches-template

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ReVanced Patches Template is a foundational repository designed to facilitate the creation of new ReVanced Patches repositories. Its primary use case is to allow developers to implement and share multiple patches to modify existing applications effectively, leveraging patches from various sources. Notable features include a configurable build setup and collaborative capabilities that enable integration of diverse patches.

README

Continuing the legacy of Vanced

reverse-linear-sync-engine

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Reverse Engineering Linear’s Sync Engine” project provides an in-depth analysis of Linear’s Sync Engine (LSE), aimed at enhancing collaborative software applications through an intuitive and efficient synchronization solution. Its primary use case is to support real-time collaboration by managing edits while offering critical features like partial syncing, permission controls, and offline availability, all wrapped in a developer-friendly API. The project emphasizes the balance of complexity and usability, highlighting LSE’s adaptability for various data models without requiring extensive expertise in sync technologies.

ReverseAPK

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ReverseAPK is a tool designed for the analysis and reverse engineering of Android applications, enabling users to quickly decompile APK files into Java and Smali formats. Its notable features include static source code analysis to identify common vulnerabilities, automatic extraction of files, and comprehensive evaluation of the AndroidManifest.xml for security risks associated with application behavior.

README

ReverseAPK

Credits: @xer0dayz

Website: https://sn1persecurity.com

Version: 1.2

ABOUT:

Quickly analyze and reverse engineer Android applications.

reversinglabs-yara-rules

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The ReversingLabs YARA Rules repository provides a collection of high-quality YARA detection rules designed for threat hunters and incident responders to enhance threat detection capabilities within their environments. These rules emphasize precision and minimal false positives, utilizing clearly defined byte patterns and conditions to target unique malware functionalities. Continuous testing against a vast array of binaries ensures the rules maintain their effectiveness across various security solutions, particularly when integrated with the ReversingLabs Titanium Platform.

RigelEngine

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Rigel Engine is a modern re-implementation of the classic game Duke Nukem II, enabling it to run natively on today’s operating systems while maintaining compatibility with the original game’s data files. Its key features include widescreen support, improved graphics and performance with smooth scrolling, quick save functionality, enhanced controller support, and extended modding capabilities, all achieved through reverse engineering due to the absence of the original source code. The tool is stable and supports multiple platforms, including Windows, Linux, and macOS, with minimal system requirements.

RMS-Runtime-Mobile-Security

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Runtime Mobile Security (RMS) is a web-based interface that leverages FRIDA to facilitate real-time manipulation of Android and iOS applications. Its primary use case includes dumping loaded classes and methods, hooking functionality on-the-fly, and tracing method arguments and return values. Notable features encompass the ability to load custom scripts and comprehensive support for both Android and iOS platforms, making it a versatile tool for mobile security analysis and testing.

ROPgadget

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ROPgadget is a tool designed to facilitate Return-Oriented Programming (ROP) exploitation by allowing users to search for gadgets within binary files. It supports multiple file formats (ELF, PE, Mach-O, Raw) and architectures (x86, x64, ARM, ARM64, MIPS, PowerPC, Sparc, RISC-V 64) and employs the Capstone disassembler for efficient gadget identification. Notable features include customizable search parameters, ROP chain generation, and support for various opcode and string searching capabilities.

rz-ghidra

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: rz-ghidra is an integration of the Ghidra decompiler and Sleigh disassembler specifically designed for the Rizin framework. This plugin allows users to decompile functions, output various formats such as XML and JSON, and customize settings for decompilation in a self-contained manner without requiring the full Ghidra suite. Notable features include seamless integration with Rizin, side-by-side decompilation views, and extensive configurability through various parameters for enhanced user experience.

README

rz-ghidra

This is an integration of the Ghidra decompiler and Sleigh Disassembler for Rizin. It is solely based on the decompiler part of Ghidra, which is written entirely in C++, so Ghidra itself is not required at all and the plugin can be built self-contained. This project was presented, initially for radare2, at r2con 2019 as part of the Cutter talk: https://youtu.be/eHtMiezr7l8?t=950

Scanners-Box

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Scanners Box is a comprehensive hacker toolkit that consolidates over 335 open-source scanners across various categories, such as subdomain enumeration, SQL injection vulnerability detection, and malware detection. The tool is designed for modular vulnerability assessment and does not include well-known scanning tools like Nmap or Metasploit, focusing instead on specialized scanning capabilities. Notable features include AI-powered autonomous scanners, dynamic and static code analysis, and comprehensive scanning for web applications and IoT devices.

SchemaCrawler

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Free database schema discovery and comprehension tool

Free database schema discovery and comprehension tool

schemaspy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SchemaSpy is a database metadata analysis tool designed for visualizing and understanding data models through HTML-based reports and entity-relationship diagrams. It supports over a dozen database types via JDBC drivers and can be executed as a standalone application or through Maven, making it versatile for database administrators and developers. Notable features include easy navigation of data schemas and the ability to generate comprehensive documentation of database structures.

README

Selenium-Driverless

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Selenium-Driverless is a Python package that enables web automation using Selenium without the need for a chromedriver, allowing for interactions with sites that commonly employ anti-bot mechanisms like Cloudflare. Its notable features include support for multiple tabs and incognito contexts, proxy authentication, and network interception, making it suitable for use cases that require more advanced browser automation scenarios while maintaining anonymity. The tool is designed primarily for non-commercial use and provides integration with asyncio for asynchronous operations.

shellen

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Shellen is an interactive shellcoding environment designed for writing and utilizing shellcodes, supporting both assembly and disassembly operations. Leveraging the keystone and capstone engines, Shellen allows users to seamlessly switch between different modes, search syscall tables, and run shellcodes within a subprocess, while providing a user-friendly prompt that displays the current status and architecture. This tool caters primarily to developers and security researchers working with low-level code, making shellcode manipulation intuitive and efficient.

simplify

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Simplify is a generic Android deobfuscator that virtually executes obfuscated apps to enhance code readability while preserving their functional behavior. It operates through a combination of smalivm, which simulates Dalvik method execution, and simplify, which optimizes execution graphs by applying techniques such as constant propagation and dead code removal. Notable features include the ability to handle various obfuscation patterns without renaming methods or classes, and a customizable execution environment to manage optimization parameters.

skidfuscator-java-obfuscator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Skidfuscator is a production-grade Java obfuscation tool that employs SSA form to enhance and obscure Java bytecode flow while maintaining execution efficiency. Its primary use case is to protect applications from reverse engineering by providing advanced obfuscation techniques, automatic dependency downloading, and an easy-to-configure command-line interface. Notable features include smart recovery, flow obfuscation, and out-of-the-box optimization.

README

🗣️ Discord: https://discord.gg/QJC9g8fBU9 📚 Wiki: https://skidfuscator.dev/docs/

🏢 Enterprise/Custom Version: https://skidfuscator.dev/pricing

sogen

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Sogen is a high-performance Windows user space emulator designed for syscall-level operation, granting detailed control over process execution, particularly useful in security analysis, malware dissection, and DRM research. Notable features include advanced memory management, complete PE loading support, implemented Windows structured exception handling, a scheduled threading model, and comprehensive debugging interfaces, including GDB compatibility for seamless integration with popular debugging tools.

README

Sogen is a high-performance Windows user space emulator that operates at syscall level, providing full control over process execution through comprehensive hooking capabilities.

SpecialK

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Special K is a versatile tool designed for PC gaming that enhances graphics and performance through code injection. It allows users to modify game behavior by injecting its DLL into applications, supporting both local and global injection methods, which enables a wide range of visual and performance adjustments. Notable features include performance analysis tools, shader and texture modifications, and compatibility with various graphics APIs in both Windows and WINE environments.

ssl-kill-switch2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SSL Kill Switch 2 is a blackbox tool designed to disable SSL/TLS certificate validation, including certificate pinning, in iOS and macOS applications. This tool modifies low-level functions managing SSL/TLS connections to bypass the system’s default validation, enabling man-in-the-middle attacks on SSL or HTTPS traffic. It supports installation as a Cydia Substrate tweak on jailbroken iOS devices and can be injected as a dynamic library into macOS applications for similar functionality.

SteamKit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SteamKit is a .NET library that facilitates interaction with Valve’s Steam network, providing a flexible and extensible interface for executing various network operations. Its primary use case is enabling developers to create applications that can leverage Steam’s functionalities, such as game management and account handling. Notable features include its distribution as a NuGet package for easy integration, comprehensive XML documentation, and support for .NET 10.0 or higher.

README

SteamKit

SteamTracking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SteamTracking is a tool designed to automate the monitoring of various metrics associated with Steam accounts and game performance. Its primary use case is to streamline the process of tracking gameplay statistics and trends, reducing the manual effort required for users. Notable features include automated data collection and user-friendly insights into gaming habits.

README

Steam Tracking

Tracking things, so you don’t have to.

SydneyQt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SydneyQt is a cross-platform desktop client designed for the jailbroken New Bing AI Copilot, enabling advanced interactions with the AI through capabilities such as prompt injection, CAPTCHA resolution via Selenium, and context editing. Key features include support for various file types and multimedia interactions, customizable quick responses, and integration with OpenAI’s API, all presented within a modern and user-friendly interface. The tool is built with Go and Wails, offering robust functionality while allowing users to bypass regional restrictions and enhance their AI interactions.

TangledWinExec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Tangled WinExec is a repository that provides a collection of proof-of-concept tools focused on various Windows process execution techniques, aimed at facilitating investigation and understanding of these methods. Notable features include techniques such as Process Hollowing, Command Line Spoofing, and Process Doppelgänging, with some PoCs tailored for specific Windows versions and kernel protection mechanisms. Each toolset includes documentation for testing and utilization, enabling advanced users to explore process manipulation techniques effectively.

Tata-Sky-IPTV

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Tata Sky/Play IPTV Script generator is a tool that creates an m3u playlist containing direct streamable files, specifically designed for users with a Tata Sky subscription. It offers both an easy-to-use app and a command-line script for generating the playlist, with features like automatic login credential storage and expiration notifications for the generated playlist. This tool is primarily aimed at facilitating seamless access to subscribed channels through compatible IPTV applications.

tenet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Tenet is an IDA Pro plugin designed for exploring execution traces of binaries, facilitating a more intuitive navigation of complex execution patterns. It supports bidirectional exploration of traces with visual representation of execution flow, along with features for zooming and setting breakpoints on instructions and memory. This tool is particularly useful for reverse engineers aiming to analyze program behavior and execution contexts in a detailed manner.

README

Tenet - A Trace Explorer for Reverse Engineers

terracognita

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Terracognita is a tool that automates the import of existing cloud infrastructure into Terraform configurations (HCL) or Terraform state, particularly supporting AWS, GCP, Azure, and VMware. It streamlines the adoption of Infrastructure as Code (IaC) best practices by generating Terraform code from current cloud setups, enabling easier lifecycle management and integration with Cycloid’s DevOps pipelines. Notable features include support for multiple major cloud providers and an open-source nature that encourages community contributions.

Textractor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Textractor is an open-source text hooking tool designed for x86/x64 video games on Windows and Wine, enabling users to extract in-game text for translation or accessibility purposes. It features automatic hooking for multiple game engines, extensive customization options, and support for AGTH hook codes, making it adaptable for varied gaming environments. The tool also allows for the development of custom extensions, enhancing its functionality and user experience.

README

Textractor

The_Holy_Book_of_X86

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Holy Book of X86 is a comprehensive guide focused on x86 architecture, assembly language, and operating system internals, aimed at enhancing the reader’s understanding of computer systems. It features a crash course in x86 assembly and covers essential topics such as memory management, paging, segmentation, and interrupts, making it suitable for learners and practitioners in systems programming and reverse engineering. Notably, the repository includes practical examples and applications in pure assembly, aiding in the development of foundational skills in low-level programming.

Tigress_protection

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Tigress is a virtualizer and obfuscator for the C programming language that provides extensive defenses against both static and dynamic reverse engineering through advanced code transformation techniques. Its notable features include the generation of diverse virtual instruction sets, embedding of bogus functions, the application of anti de-virtualization measures, and support for continuous runtime code modification. The tool is particularly designed for security researchers looking to protect code integrity and for those involved in code analysis challenges requiring the deobfuscation of protected binaries.

TiltedEvolution

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Tilted Online is a framework designed to facilitate multiplayer gameplay in Bethesda’s Skyrim Special Edition. It provides essential components such as game client sources, an immersive launcher, and server implementations, all structured to enhance the multiplayer experience. Notable features include a modular architecture for client-server interactions and community-driven development, allowing contributors with C++ experience to actively participate.

README

Tilted Online

tiny_tracer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Tiny Tracer is a binary instrumentation tool designed for tracing API calls, defined local functions, selected instructions, and inline system calls, while also evading various anti-debug and anti-VM techniques. It generates detailed reports in a .tag format, which can be utilized by other analysis tools, facilitating deeper insights into a program’s execution flow. The tool is primarily aimed at security researchers and analysts who need to examine malicious binaries or analyze software behavior in a controlled environment.

toolkit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Indetectables Toolkit is a comprehensive suite designed for malware analysts and cybersecurity professionals, offering a wide range of 101 tools for various tasks. Key features include automated updates via a Universal Updater, easy extensibility for adding new tools, and integration with Windows context menus for enhanced usability. The toolkit aims to streamline the workflow for both novice and experienced users while providing reliable and curated resources for cybersecurity operations.

TRADFRI-Hacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TRADFRI-Hacking is a project designed to facilitate the reverse engineering and customization of IKEA’s TRÅDFRI home automation products, which utilize Zigbee technology. It offers detailed resources for product teardowns, firmware manipulation, and the creation of custom hardware solutions using the TRÅDFRI modules, including tools for firmware dumping and development. Notable features include an extensive documentation of various TRÅDFRI products, customizable firmware options, and insights into hardware modifications, empowering developers to repurpose and enhance these smart home devices.

Triton

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Triton is a dynamic binary analysis library designed for building program analysis tools, enabling automated reverse engineering and software verification. It supports dynamic symbolic execution and taint analysis across multiple architectures including x86, ARM, and RISC-V, and features a powerful API in both C++ and Python, as well as capabilities for expression synthesis, SMT solver integration, and LLVM lifting.

README

Triton is a dynamic binary analysis library. It provides internal components that allow you to build your program analysis tools, automate reverse engineering, perform software verification or just emulate code.

TRX

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TRX is an open-source reimplementation of the classic Tomb Raider games (I, II, and III), designed to enhance gameplay through decompilation and integration of open-source components. The engine supports distinct mechanics for all three titles and features enhancements such as customizable draw distances, a developer console, updated UI elements, and the capability to run custom levels. Notably, TRX is cross-platform, supporting Windows, Linux, and macOS, with extensive controller compatibility and customizable control options.

TryHackMe-Roadmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The TryHackMe Road Map repository provides a comprehensive list of over 350 free TryHackMe rooms categorized by various cybersecurity topics to facilitate learning and practice in ethical hacking. Its primary use case is to help individuals, from beginners to advanced users, streamline their training by accessing a structured pathway through challenges in areas such as Linux fundamentals, web security, and more. Notable features include the organization of topics for a sequential learning approach and the inclusion of various practical scenarios to enhance hands-on experience in cybersecurity.

unipacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Un{i}packer is a platform-independent tool designed for the automatic unpacking of Windows Portable Executable (PE) files that have been packed using various runtime packers, thereby facilitating malware analysis. Utilizing the Unicorn Engine for emulation, it effectively handles multiple well-known packers, including ASPack and UPX, and allows for manual input of addresses for less common packers. This tool is particularly beneficial for analysts seeking to bypass challenges posed by malware obfuscation and streamline the unpacking process without requiring a Windows environment.

VAC

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VAC is a user-mode anti-cheat system developed by Valve, designed to operate non-invasively on Windows systems. The tool utilizes a set of modules to gather critical system information, enumerate processes, and monitor game performance, primarily focusing on maintaining the integrity of online gaming environments. Notable features include the use of various encryption and hashing methods, such as MD5 and CRC32, to secure operations and information within its modules.

Validity90

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Validity90 is a tool focused on reverse engineering the communication protocol of various Validity fingerprint readers, such as models 138a:0090 and 138a:0094. It aims to create an open-source driver for integration with the libfprint library, featuring a Wireshark dissector for analyzing encrypted communication and a standalone prototype for testing device functionalities. Notably, the project is actively developing specifications and protocols for multiple devices, with partial implementation already achieving scan and internal database check capabilities.

vivisect

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Vivisect is a versatile framework that integrates disassembly, static analysis, symbolic execution, and debugging capabilities, designed for use in cybersecurity tasks. Its primary use case is to facilitate in-depth analysis of binary executables, assisting researchers and security professionals in vulnerability discovery and exploitation analysis. Notable features include Python 3 compatibility, a graphical user interface, and seamless integration with documentation for enhanced usability.

README

Vivisect / Vdb / Vtrace

A combined disassembler/static analysis/symbolic execution/debugger framework.

vmlinux-to-elf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: vmlinux-to-elf is a tool designed to convert vmlinux, vmlinuz, bzImage, or zImage kernel images into fully analyzable ELF files, recovering function and variable symbols from compressed kernel symbol tables. Its primary use case is embedded systems reverse engineering, enabling users to analyze the resulting ELF files with tools such as IDA Pro and Ghidra. Notable features include automatic detection and unpacking of the main compression formats used in Linux kernels, as well as a graphical user interface for enhanced usability.

vulhunt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VulHunt is a vulnerability hunting framework aimed at assisting security researchers in identifying vulnerabilities within software binaries and UEFI firmware. Built on Binarly’s BIAS, it supports large-scale vulnerability management and integrates community-developed rulepacks while offering scanning capabilities for various binary formats, including BA2 and Binary Ninja databases. Additionally, it features an MCP server for integration with AI assistants, facilitating real-time vulnerability analysis and reporting.

README

VulHunt Community Edition

VulHunt is a vulnerability hunting framework developed by Binarly’s Research team. It is designed to help security researchers and practitioners identify vulnerabilities in software binaries and UEFI firmware. VulHunt is built on top of Binarly’s Binary Analysis and Inspection System (BIAS), which provides a powerful and flexible environment for analysing and understanding binaries. VulHunt integrates with the capabilities of the Binarly Transparency Platform (BTP) to enable large-scale vulnerability management, hunting, and triage capabilities.

webcrack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: webcrack is a reverse engineering tool designed for JavaScript that deobfuscates code produced by obfuscator.io, unminifies, and unpacks files from webpack and browserify, aiming to restore the original source code structure. Notable features include performance optimizations, auto-detection of code patterns, and the removal of obfuscator artifacts, all implemented in TypeScript with a robust testing suite. The tool is accessible via a command line interface and offers an API for integration into other applications.

WebPlotDigitizer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WebPlotDigitizer is a computer vision-assisted tool designed to extract numerical data from images of data visualizations, facilitating data retrieval for researchers and professionals across various fields. Its primary use case is converting graphical data representations, such as plots and charts, into usable datasets. Notable features include a user-friendly interface and cloud-based AI support for enhanced data extraction capabilities.

README

WebPlotDigitizer

A large quantity of useful data is locked away in images of data visualizations. WebPlotDigitizer is a computer vision assisted software that helps extract numerical data from images of a variety of data visualizations.

WechatMagician

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WechatMagician is an Xposed plugin that empowers users to control chat messages and Moments in WeChat, supporting versions 6.5.3 and above. Its notable features include preventing message recalls, allowing multiple image sends, and blocking advertisements in Moments, while maintaining a modular design for stability and ease of use. The tool also offers privacy-focused functionalities, such as marking chats as read in bulk and hiding chat traces with designated friends.

Whaler

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Whaler is a Go-based tool that facilitates the reverse engineering of Docker images by reconstructing the Dockerfile that generated them. Its primary use case involves extracting valuable information from Docker images, such as identifying added files, detecting potential secret files, and displaying metadata including open ports and environment variables. Notable features include the ability to automatically pull Docker images, filter out irrelevant filenames, and save image layers for further analysis.

wireless-carplay-dongle-reverse-engineering

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Wireless Carplay Dongle Reverse Engineering tool provides a framework for gaining root access and modifying firmware on various Carlinkit wireless Carplay dongles, primarily aimed at enthusiasts looking to customize their devices. Key features include the ability to switch between firmware versions using both software and hardware methods, alongside insights into hardware components and their specifications. Additionally, the repository documents the challenges faced due to recent updates from Carlinkit that have hardened the firmware against reverse engineering.

WPeChatGPT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WPeChatGPT is an IDA plugin that leverages OpenAI’s gpt-3.5-turbo model to assist analysts in evaluating binary files. Its primary use case includes analyzing binary functions for their intended purpose, renaming variables, restoring functions using Python, identifying vulnerabilities, and automatically generating exploits for those vulnerabilities. Notable features include support for automatic analysis of binary files through Auto-WPeGPT and the ability to work seamlessly within the IDA environment using various shortcuts and menu options.

xAnalyzer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: xAnalyzer is a plugin for the x64dbg debugger designed to enhance static code analysis of debugged applications. It leverages extensive API function call detection and provides detailed function definitions, argument types, and additional debugging information, greatly improving the user’s comprehension before commencing debugging tasks. Notable features include automatic loop detection, user-maintained definition files, and support for over 13,000 API definitions from approximately 200 DLLs.

README

XELFViewer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XELFViewer is a cross-platform ELF file viewer and editor designed for Windows, Linux, and MacOS environments. Its primary use case includes analyzing and modifying ELF (Executable and Linkable Format) files, which are commonly used in Unix-based operating systems. Notable features include a user-friendly interface for navigation, functionality for both viewing and editing file contents, and support for community translations.

README

ELF file viewer/editor for Windows, Linux and MacOS.

XMachOViewer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XMachOViewer is a cross-platform Mach-O file analysis tool designed for Windows, Linux, and macOS. Its primary use case involves examining Mach-O binaries through features such as heuristic scanning, string and hex viewing, disassembly, entropy analysis, and dynamic library linking, enabling users to uncover characteristics, anomalies, and cryptographic signatures within the files. Notable features include support for multiple architectures, automatic file format detection, and a detailed symbol table viewer.

xoreos

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: xoreos is an open-source reimplementation of BioWare’s Aurora engine, targeting classic games like Neverwinter Nights and Dragon Age II to provide portable access across platforms. The tool currently supports basic graphics rendering and sound playback, with partial in-game graphics and a starting point for a scripting system, though no full gameplay mechanics are implemented yet. Its modular design allows for contributions from the community, fostering ongoing development and enhancement of supported titles.

XPEViewer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XPEViewer is a cross-platform PE file viewer and editor designed for Windows, Linux, and macOS environments. Its primary use case is to facilitate the analysis and modification of Portable Executable (PE) files, making it a valuable tool for reverse engineers and software developers. Notable features include functionality for viewing various PE file sections, editing capabilities, and support for community contributions through translation.

README

Zygisk-Il2CppDumper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Zygisk-Il2CppDumper is a tool designed for dumping IL2CPP data at runtime while leveraging Zygisk to effectively bypass various protections, encryptions, and obfuscations. Its primary use case is for developers and security researchers needing to extract and analyze IL2CPP binaries from Android applications. Notable features include its compatibility with Magisk, flexible installation methods, and the ability to automate the dumping process through GitHub Actions or Android Studio.

README

Zygisk-Il2CppDumper

Il2CppDumper with Zygisk, dump il2cpp data at runtime, can bypass protection, encryption and obfuscation.

Reverse-Engineering on HackyFeed

.github

README

Pretendo Network

Contents

.NET-Deobfuscator

.NET-Obfuscator

README

.NET-Obfuscator

ai-website-cloner-template

Android-Security-Exploits-YouTube-Curriculum

android-unpacker

README

android-unpacker

android-unpinner

Androl4b

Andromeda

README

anti-emulator

README

anti-emulator

AntiCheat-Testing-Framework

README

AntiCheat-Testing-Framework

AntiDBG

apk.sh

apkleaks

README

APKLeaks

apkstudio

apple-knowledge

README

Apple Data Formats and Knowledge

AppleNeuralHash2ONNX

README

AppleNeuralHash2ONNX

appmon

AsmResolver

Awesome-Android-Reverse-Engineering

Awesome-Blackhat-Tools

awesome-executable-packing

Awesome-Hacking-Resources

awesome-list

README

Awesome Cybersecurity List

awesome-llvm-security

awesome-mobile-security

Baileys

README

BinAbsInspector

README

What is BinAbsInspector?

binaryninja-api

README

Binary Ninja API

bincat

binder-trace

README

Binder Trace

binexport

binsider

README

Documentation | Website

biodiff

botw

README

The Legend of Zelda: Breath of the Wild

CANalyzat0r

README

CAPEv2

copilot-api

Cpp2IL

CTFs

README

CTFs

ctftool

ddisasm

debundle

dembrandt

dethrace