Skip to content

Latest commit

 

History

History
75 lines (52 loc) · 4.35 KB

general.md

File metadata and controls

75 lines (52 loc) · 4.35 KB
description
Statically Analyze Code

General

BinNavi

IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.

Website: https://github.com/google/binnavi
Author: Google/Zynamics
License: Apache License 2.0: https://github.com/google/binnavi/blob/master/LICENSE
Notes: binnavi
State File: remnux.tools.binnavi

Ghidra

Software reverse engineering tool suite

Website: https://ghidra-sre.org
Author: National Security Agency
License: Apache License 2.0: https://github.com/NationalSecurityAgency/ghidra/blob/master/LICENSE
Notes: Close CodeBrowser before exiting Ghidra to prevent Ghidra from freezing when you reopen the tool (it's a Ghidra bug).
State File: remnux.packages.ghidra

Cutter

Reverse engineering platform powered by Rizin

Website: https://cutter.re
Author: https://github.com/rizinorg/cutter/graphs/contributors
License: GNU General Public License (GPL) v3.0: https://github.com/rizinorg/cutter/blob/master/COPYING
Notes: If you're planning to use Cutter when running REMnux as a Docker container, you'll need to include the --privileged parameter when invoking the REMnux distro image in Docker.
State File: remnux.tools.cutter

Detect-It-Easy

Determine types of files and examine file properties.

Website: https://github.com/horsicq/Detect-It-Easy
Author: hors: https://twitter.com/horsicq
License: MIT License: https://github.com/horsicq/Detect-It-Easy/blob/master/LICENSE
Notes: GUI tool: die, command-line tool: diec.
State File: remnux.tools.detect-it-easy

Qiling

Emulate code execution of PE files, shellcode, etc. for a variety of OS and hardware platforms.

Website: https://www.qiling.io
Author: https://github.com/qilingframework/qiling/blob/master/AUTHORS.TXT
License: GNU General Public License (GPL) v2.0: https://github.com/qilingframework/qiling/blob/master/COPYING
Notes: Use qltool to analyze artifacts. Before analyzing Windows artifacts, gather Windows DLLs and other components using the dllscollector.bat script. Read the tool's documentation to get started.
State File: remnux.python3-packages.qiling

Vivisect

Statically examine and emulate binary files.

Website: https://github.com/vivisect/vivisect
Author: invisigoth: [email protected], installable vivisect module by Willi Ballenthin: https://twitter.com/williballenthin
License: Apache License 2.0: https://github.com/vivisect/vivisect/blob/master/LICENSE.txt
Notes: vivbin, vdbbin
State File: remnux.python3-packages.vivisect

objdump

Disassemble binary files.

Website: https://en.wikipedia.org/wiki/Objdump
Author: Unknown
License: GNU General Public License (GPL)
State File: remnux.packages.binutils