{"id":49584855,"url":"https://github.com/js360000/re-pro","last_synced_at":"2026-05-03T22:04:00.680Z","repository":{"id":355399592,"uuid":"1227944577","full_name":"js360000/RE-Pro","owner":"js360000","description":"Cross-platform reverse-engineering workbench for source recovery, binary/package analysis, reconstruction, rebuild workflows, and LLM-assisted porting.","archived":false,"fork":false,"pushed_at":"2026-05-03T11:52:47.000Z","size":2158,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-03T13:26:54.751Z","etag":null,"topics":["binary-analysis","decompiler","ghidra","llm","mcp","recovery","reverse-engineering"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/js360000.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-03T11:34:57.000Z","updated_at":"2026-05-03T13:03:50.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/js360000/RE-Pro","commit_stats":null,"previous_names":["js360000/re-pro"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/js360000/RE-Pro","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/js360000%2FRE-Pro","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/js360000%2FRE-Pro/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/js360000%2FRE-Pro/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/js360000%2FRE-Pro/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/js360000","download_url":"https://codeload.github.com/js360000/RE-Pro/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/js360000%2FRE-Pro/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32586189,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-03T06:36:36.687Z","status":"ssl_error","status_checked_at":"2026-05-03T06:36:09.306Z","response_time":103,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["binary-analysis","decompiler","ghidra","llm","mcp","recovery","reverse-engineering"],"created_at":"2026-05-03T22:03:57.510Z","updated_at":"2026-05-03T22:04:00.674Z","avatar_url":"https://github.com/js360000.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# RE-Pro\n\n![Python 3.10+](https://img.shields.io/badge/python-3.10%2B-blue)\n![Interfaces](https://img.shields.io/badge/interfaces-CLI%20%7C%20GUI%20%7C%20MCP-2f6f4e)\n![LLM support](https://img.shields.io/badge/LLM-GPT--5.5%20%7C%20GPT--5.4-1f6feb)\n![Platforms](https://img.shields.io/badge/platform-Windows%20%7C%20Linux%20%7C%20macOS-444)\n\n![RE-Pro hero](docs/assets/hero.png)\n\nRE-Pro is a cross-platform reverse-engineering workbench built to turn opaque binaries and packaged apps into readable evidence, recovered source, and actionable rebuild workflows.\n\nIt combines format-aware extraction, source restoration, external tool orchestration, graph-based correlation, Codex/OpenAI-assisted approximation, rebuild planning, and patch/signing workflows in one system with a CLI, a PyQt5 desktop GUI, and an MCP server.\n\n## Support RE-Pro\n\nIf RE-Pro helps your reverse-engineering or porting work, donations are appreciated:\n\nBitcoin: `bc1qzyzwkfgfkeu3v44edwxaw0pre2fdvl6nd8hv0w`\n\n## Why RE-Pro\n\n- Recover real source when it ships: source maps, managed resources, BAML/XAML, Tauri assets, manifests, symbols, package metadata, and bundled web payloads.\n- Correlate everything: functions, strings, frameworks, artifacts, resources, findings, and external tool exports land in a unified analysis graph.\n- Move beyond reporting: RE-Pro generates project templates, rebuild plans, signing plans, patch bundles, and bounded package actions instead of stopping at static dumps.\n- Work from any interface: GUI for browsing/editing, CLI for repeatable automation, and MCP for LLM-driven evidence, reconstruction, and rebuild workflows.\n- Use either OpenAI API keys or Codex ChatGPT OAuth credentials from `.codex/auth.json` for GPT-assisted reconstruction.\n\n## Highlights\n\n### Platform and Package Coverage\n\n- Windows: PE, MSI, NSIS, Inno, CAB, .NET apphosts and bundles, PDB workflows, PE resources, native/game/UI heuristics.\n- Android: APK, APKS, AAB, DEX, AAR, `resources.arsc`, JADX/apktool workflows, source-map recovery, signing and repack support.\n- Apple: `.app`, `.ipa`, `.dmg`, `.pkg`, Mach-O inspection, entitlements, provisioning profiles, app extensions, framework heuristics.\n- Linux and native ecosystems: ELF, AppImage, SquashFS, WASM, MIPS/PS2-style ELFs, Capstone previews, Ghidra/rizin/radare2 exports.\n- Java and managed ecosystems: JAR, WAR, EAR, AAR, ILSpy, WPF/BAML/XAML recovery, ReadyToRun detection, managed resource extraction.\n- Console and game formats: PSARC, PSP PBP/DATA.PSP/DATA.PSAR, PS3 PKG metadata, RARC, CRI/CPK, U8, NARC, AFS, HOG, WAD-family markers, GDeflate and DDL-oriented game payload hints.\n\n### Recovery and Analysis\n\n- JavaScript and web source-map restoration with shipped `sourcesContent`.\n- Electron `app.asar` and unpacked resource recovery, including native ASAR fallback extraction.\n- Tauri embedded asset extraction and frontend restoration.\n- Best-effort frontend source reconstitution when source maps are absent, including hash-stripped asset names, Babel AST formatting, React compiler cache normalization, import/name propagation, JSX recovery, and optional LLM source-grade rewrites.\n- Remote PDB acquisition from symbol servers.\n- Unified `analysis_index.json` with normalized entities and relations.\n- Structured ingestion and cross-correlation of Ghidra, rizin, radare2, JADX, and ILSpy-oriented exports.\n- MSVC RTTI, vftable, class layout, constructor/destructor phase, thunk, call-edge, and pseudo-C++ source synthesis for symbol-poor native binaries.\n- Live-process capture for already-running Windows software, including module metadata, readable memory dumps, mapped-image options, carved runtime payloads, and Frida-oriented traces.\n\n### Reconstruction and Rebuild\n\n- Architecture-porting workspaces with prepared source trees, x86/x64-to-arm64 style guidance, and heuristic or LLM-assisted portability notes.\n- Recompile workspaces with Android Studio, Xcode, Node, Tauri/Electron, and CMake-oriented templates.\n- Rebuild plans, signing plans, patch plans, run-to-run diffs, and diff-driven patch bundles.\n- Bounded package actions for APK signing, Electron repack, Tauri packaging, and patch application.\n- PSARC create/rebuild workflows preserving compression choices, block sizes, file order, and editable extracted overlays.\n- Source-first browser workspaces for viewing and editing recovered files, manifests, archives, executables, JSON resources, PARAM.SFO, and hex/base64 nodes.\n- Optional GPT-5.5/GPT-5.4-assisted approximation when direct source recovery is weak.\n\nFor a more scan-friendly matrix, see [docs/supported-formats.md](docs/supported-formats.md).\n\n### Interfaces\n\n- PyQt5 desktop GUI for reports, artifacts, recovered sources, and graph-driven pivots.\n- Dedicated GUI surfaces for function evidence, recovery quality, background/stub jobs, live LLM status, and source-first file editing.\n- CLI for analysis, live-process capture, source browsing/editing, architecture-port generation, profiles, comparison, patch-bundle creation, packaging actions, MCP launch details, and tooling install.\n- MCP server exposing analysis, graph search, reconstruction, validation, diff, rebuild, and packaging workflows to external LLM clients.\n- Saved JSON profiles for repeatable analysis and package-action runs.\n\n## Fast Start\n\n```bash\npython -m pip install -e .\nre-pro analyze path\\to\\target.exe -o analysis_output\n```\n\nFor a fuller local setup:\n\n```bash\nre-pro install-tools\nre-pro analyze path\\to\\target.exe -o analysis_output --external-tools\n```\n\n## Windows Releases\n\nWindows release archives contain a compiled executable plus convenience wrappers:\n\n- `re-pro.exe` for the CLI, package actions, MCP server, and GUI launcher.\n- `re-pro-gui.cmd` to launch `re-pro.exe gui`.\n- `re-pro-mcp.cmd` to launch `re-pro.exe mcp-server`.\n\nTo build the Windows release artifacts locally:\n\n```powershell\nC:\\path\\to\\python311.exe -m venv .release-venv\n.\\.release-venv\\Scripts\\python.exe -m pip install -e . pyinstaller build\n.\\scripts\\build_windows_release.ps1 -Python .\\.release-venv\\Scripts\\python.exe\n```\n\n## CLI\n\nAnalyze a target:\n\n```bash\nre-pro analyze path\\to\\target.exe -o analysis_output\n```\n\nRun a high-yield pass with external tools, source beautification, Codex OAuth LLM support, and porting guidance:\n\n```bash\nre-pro analyze path\\to\\target.exe -o analysis_output --external-tools --beautify-frontend --llm --llm-auth codex-oauth --llm-model gpt-5.5 --llm-reasoning high --port-target-arch arm64 --port-mode hybrid\n```\n\nCompare two existing runs:\n\n```bash\nre-pro compare-runs path\\to\\base_run path\\to\\head_run -o diff_output\n```\n\nCreate and apply a patch bundle from two runs:\n\n```bash\nre-pro create-patch-bundle path\\to\\base_run path\\to\\head_run -o patch_bundle\nre-pro package-action --workspace-root path\\to\\run\\porting\\recompile --ecosystem patch --action apply-bundle --patch-bundle-path patch_bundle --target-root path\\to\\target_root\n```\n\nRun package rebuild or signing actions:\n\n```bash\nre-pro package-action --workspace-root path\\to\\run\\porting\\recompile --ecosystem electron --action repack\nre-pro package-action --workspace-root path\\to\\run\\porting\\recompile --ecosystem tauri --action repack\nre-pro package-action --workspace-root path\\to\\run\\porting\\recompile --ecosystem android-gradle --action sign-apk --artifact-path app.apk --keystore-path debug.keystore --key-alias androiddebugkey\n```\n\nCreate or rebuild PSARC archives:\n\n```bash\nre-pro package-action --workspace-root path\\to\\workspace --ecosystem archive --action create-psarc --target-root path\\to\\assets --output-path out\\assets.psarc --compression zlib --compression-level 9 --block-size 0x10000\nre-pro package-action --workspace-root path\\to\\workspace --ecosystem archive --action overlay-rebuild --artifact-path base.psarc --target-root path\\to\\edited_extract --output-path out\\patched.psarc\n```\n\nPSP PBP/DATA.PSP/DATA.PSAR handling is available through analysis and the file browser:\n\n```bash\nre-pro analyze path\\to\\EBOOT.PBP -o analysis_output --external-tools\nre-pro browse build path\\to\\analysis_run --rebuild\nre-pro browse write path\\to\\analysis_run node_00042 --mode json --content-file edited_PARAM.SFO.json\nre-pro browse patch path\\to\\analysis_run node_00043 --offset 0x20 --hex \"00 00 00 00\"\n```\n\n`pspdecrypt` is used for DATA.PSP decryption and DATA.PSAR extraction. `psp-packer` is used for DATA.PSP PRX packing when edited decrypted payloads are saved. DATA.PSAR repack/encrypt is exposed through `RE_PRO_PSP_PSAR_PACK_CMD` because no bundled general PSAR repacker is available.\n\nLoad additional local analyzer plugins:\n\n```bash\nre-pro analyze path\\to\\target.exe -o analysis_output --plugin-dir path\\to\\plugins\n```\n\nAttach to a live process or capture by process name:\n\n```bash\nre-pro live-process list --query pcsx2\nre-pro live-process capture --process-name pcsx2-qt.exe -o analysis_output\\pcsx2_live --include-images\nre-pro analyze --live-attach --live-process-name pcsx2-qt.exe -o analysis_output\n```\n\nBuild and edit a source-first browser workspace for an existing run:\n\n```bash\nre-pro browse build path\\to\\analysis_run --rebuild\nre-pro browse read path\\to\\analysis_run node_00042 --mode json\nre-pro browse write path\\to\\analysis_run node_00042 --mode text --content-file edited_file.cpp\nre-pro browse patch path\\to\\analysis_run node_00043 --offset 0x120 --hex \"90 90\"\n```\n\nGenerate an architecture-porting workspace from an existing run:\n\n```bash\nre-pro architecture-port path\\to\\analysis_run --source-arch x86_64 --target-arch arm64 --mode hybrid\n```\n\nSave, load, and inspect repeatable profiles:\n\n```bash\nre-pro analyze path\\to\\target.exe -o analysis_output --save-profile \"Deep native pass\"\nre-pro profiles list --query native\nre-pro analyze --profile \"Deep native pass\"\n```\n\n## Tooling\n\nInstall local reverse-engineering dependencies:\n\n```bash\nre-pro install-tools\n```\n\nThat tooling surface includes support for Ghidra, rizin, radare2, JADX, apktool, ILSpy, .NET workflows, Frida-oriented runtime tracing, and helper runtimes used by RE-Pro's analysis and rebuild paths.\n\nFor richer runtime instrumentation:\n\n```bash\npython -m pip install frida frida-tools\nre-pro analyze path\\to\\target.exe -o analysis_output --runtime-trace\n```\n\nFor optional NVIDIA GDeflate recovery in game pipelines:\n\n```bash\npython -m pip install nvidia-nvcomp-cu12\n```\n\nFor remote symbol acquisition, RE-Pro uses Microsoft's public symbol server by default. To override or extend the server list:\n\n```bash\nset RE_PRO_SYMBOL_SERVERS=https://msdl.microsoft.com/download/symbols/;https://your-symbol-server.example/symbols/\n```\n\n## GPT and Codex Reconstruction\n\nRE-Pro can call OpenAI models through a normal API key or through the Codex ChatGPT OAuth token cache written by Codex CLI/Desktop. The default `--llm-auth auto` mode uses `OPENAI_API_KEY` first, then falls back to `CODEX_AUTH_JSON`, `CODEX_HOME\\auth.json`, or `~\\.codex\\auth.json`.\n\nAPI-key mode uses the OpenAI Responses API directly. Codex OAuth mode shells out to `codex exec` so the Codex CLI handles ChatGPT token refresh and backend access; install and sign in with Codex first (`npm install -g @openai/codex`, then `codex login`) before using `--llm-auth codex-oauth`.\n\nRun GPT-assisted reconstruction with an API key:\n\n```bash\nset OPENAI_API_KEY=...\nre-pro analyze path\\to\\target.exe -o analysis_output --llm --llm-model gpt-5.5 --llm-reasoning high --llm-background --llm-task \"Focus on updater and IPC logic\"\n```\n\nFor interactive runs where you want the model's markdown summary mirrored into the terminal log immediately:\n\n```bash\nre-pro analyze path\\to\\target.exe -o analysis_output --llm --llm-foreground --llm-model gpt-5.5\n```\n\nRun through Codex OAuth instead of an API key:\n\n```bash\nre-pro analyze path\\to\\target.exe -o analysis_output --llm --llm-auth codex-oauth --llm-model gpt-5.5 --llm-reasoning xhigh\n```\n\nUse a custom Codex auth cache:\n\n```bash\nre-pro analyze path\\to\\target.exe -o analysis_output --llm --llm-auth codex-oauth --codex-auth-json C:\\Users\\you\\.codex\\auth.json\n```\n\nAuto-trigger GPT only when recovery is weak:\n\n```bash\nre-pro analyze path\\to\\target.exe -o analysis_output --llm-auto --llm-background\n```\n\nSet model, reasoning, verbosity, and output limits explicitly:\n\n```bash\nre-pro analyze path\\to\\target.exe -o analysis_output --llm --llm-model gpt-5.5 --llm-reasoning medium --llm-verbosity medium --llm-max-output 128000\n```\n\nDisable autonomous dependency installation or build checks:\n\n```bash\nre-pro analyze path\\to\\target.exe -o analysis_output --llm --llm-no-install --llm-no-build-checks\n```\n\nSupported reasoning values are `none`, `low`, `medium`, `high`, and `xhigh` for current GPT-5.5/GPT-5.4-class models. The GUI exposes the same model, auth, reasoning, verbosity, output-token, background-job, dependency-install, and build-check controls.\n\n## MCP\n\nRun RE-Pro as an MCP server over standard I/O:\n\n```bash\nre-pro mcp-server --transport stdio\n```\n\nOr via the dedicated entry point:\n\n```bash\nre-pro-mcp --transport stdio\n```\n\nFor HTTP-capable MCP clients:\n\n```bash\nre-pro mcp-server --transport streamable-http --host 127.0.0.1 --port 8000\n```\n\nTo print exact MCP client JSON, or start the MCP server in the background and write the client config:\n\n```bash\nre-pro mcp-info --transport streamable-http --host 127.0.0.1 --port 8000 --start\n```\n\nThe MCP surface exposes:\n\n- Analysis execution through `analyze_target`.\n- Run discovery and inspection through `list_analysis_runs`, `read_report`, `read_analysis_index`, `search_analysis_index`, and `get_index_entity`.\n- Artifact and recovered-source browsing through `list_artifacts`, `list_recovered_sources`, and `read_output_file`.\n- Rebuild workspace preparation and validation through `prepare_recompile_workspace`, `inspect_toolchains`, `install_project_dependency`, `run_project_command`, `write_reconstruction_file`, and `validate_reconstruction_file`.\n- Run-to-run comparison through `compare_analysis_runs`.\n- Patch-bundle creation through `create_patch_bundle_from_runs`.\n- Package rebuild, signing, and patch execution through `run_packaging_action`.\n- Client-side sampling workflows through `approximate_source_with_sampling`.\n\nThis makes MCP a genuine alternative to direct API integration: an external LLM can inspect the graph, browse evidence, write grounded approximations, validate them locally, and drive rebuild steps through RE-Pro's own execution surface.\n\n## GUI\n\nLaunch the desktop GUI with:\n\n```bash\nre-pro-gui\n```\n\nOr on this repo's Windows setup:\n\n```bash\nlaunch_gui.bat\n```\n\nThe GUI includes controls for Ghidra and external-tool jobs, frontend beautification, Codex/API-key LLM settings, architecture porting, runtime tracing, live-process attachment, profile save/load, MCP server startup with exact JSON, package actions, workspace browsing, and report/artifact/source inspection.\n\n## Output\n\nEach analysis run writes a timestamped folder containing:\n\n- `report.json`\n- `report.md`\n- `analysis_index.json`\n- `analysis_pipeline.json`\n- recovered sources and extracted artifacts\n- porting guidance and prepared source bundles\n- recompile templates and manifests\n- recovery quality, evidence graph, and stub-elimination manifests\n- optional diff, patch, and packaging outputs\n- optional `llm_assist`, `mcp_reconstruction`, `runtime_trace`, `live_process`, `browser_workspace`, and frontend source-lift outputs\n\n## Plugins\n\nRE-Pro auto-loads local analyzer plugins from [plugins/README.md](plugins/README.md) when the `plugins/` directory exists. Additional plugin directories can be passed with `--plugin-dir`, and packaged plugins can register entry points under `re_pro.analyzers`.\n\n## Important Limits\n\nThere is no universal, lossless decompiler for arbitrary native binaries.\n\nFor C, C++, Rust, Go, and other stripped native targets, RE-Pro can classify, extract symbols, recover adjacent artifacts, drive specialist tooling, and help reconstruct plausible project structure, but it cannot guarantee restoration of the original source tree unless the binary or package actually ships that information.\n\nElectron and web-style apps remain some of the highest-yield targets for file-name and source restoration because they often ship:\n\n- `app.asar` or unpacked JS bundles\n- `package.json`\n- source maps with `sources` and `sourcesContent`\n- original relative file paths embedded in build metadata\n\nInstaller-wrapped apps should usually be unpacked first. RE-Pro detects common Windows and Apple packaging wrappers and can extract nested payloads like `.exe`, `.dll`, `.app`, `app.asar`, and source maps before deeper analysis.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjs360000%2Fre-pro","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjs360000%2Fre-pro","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjs360000%2Fre-pro/lists"}