{"id":19528868,"url":"https://github.com/netspi/binrev","last_synced_at":"2026-03-01T04:35:05.397Z","repository":{"id":10415409,"uuid":"12573483","full_name":"NetSPI/binrev","owner":"NetSPI","description":null,"archived":false,"fork":false,"pushed_at":"2013-10-14T16:56:30.000Z","size":95,"stargazers_count":23,"open_issues_count":0,"forks_count":15,"subscribers_count":62,"default_branch":"master","last_synced_at":"2025-04-26T11:38:01.331Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/NetSPI.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2013-09-03T20:00:35.000Z","updated_at":"2024-08-12T19:22:52.000Z","dependencies_parsed_at":"2022-09-07T14:10:31.964Z","dependency_job_id":null,"html_url":"https://github.com/NetSPI/binrev","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/NetSPI/binrev","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NetSPI%2Fbinrev","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NetSPI%2Fbinrev/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NetSPI%2Fbinrev/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NetSPI%2Fbinrev/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/NetSPI","download_url":"https://codeload.github.com/NetSPI/binrev/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NetSPI%2Fbinrev/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29960253,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-01T01:47:18.291Z","status":"online","status_checked_at":"2026-03-01T02:00:07.437Z","response_time":124,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-11T01:20:28.825Z","updated_at":"2026-03-01T04:35:05.379Z","avatar_url":"https://github.com/NetSPI.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"Binrev- Automate reversing Windows binaries for pentesters\n============\n\nHere is a rough description of what it does, and what tools it is using:\n\nFor exe, dll files:\n-------------\n1.\tDetect and de-obfuscate for .NET libraries with de4dot \n2.\tDecompile .NET libraries with JustDecompile \n3.\tZip decompiled source code to netsources.zip \n4.\tRun strings against native libraries\n5.\tExport calleable functions with dllexp. You can then try to run those functions with command Rundll32 \u003cdll\u003e,\u003cfunction name\u003e \n6.\tExport dependencies with depends \n7.\tExtract native resources with resourcesextract \n\nFor jar files: \n-------------\n1.\tExtract and combine java classes into a single zip file\n2.\tDecompile java sources with procyon \n3.\tZip decompiled source code to javasources.zip\n\n\nRequirement\n============\n\n* .NET framework: http://www.microsoft.com/en-us/download/details.aspx?id=17851\n* Peverify: http://msdn.microsoft.com/en-us/library/62bwd2yd.aspx\n* Java 7: http://java.com/en/download/index.jsp\n* 7zip: http://www.7-zip.org/\n* De4dot: https://bitbucket.org/0xd4d/de4dot\n* JustDecompile: http://www.telerik.com/products/decompiler.aspx\n* Dll Export Viewer: http://www.nirsoft.net/utils/dll_export_viewer.html\n* Depends: http://www.dependencywalker.com/\n* Resources Extract: http://www.nirsoft.net/utils/resources_extract.html\n* Procyon https://bitbucket.org/mstrobel/procyon/wiki/Java%20Decompiler\n\n\nUsage\n============\n\n1.\tConfigure correct path to installed tools in the script:\n```\nset justdecompile=\"JustDecompile\\JustDecompile\"\nset dllexp=\"dllexp\\dllexp\"\nset peverify=peverify\nset zip=\"7-Zip\\7z\"\nset strings=\"strings\"\nset de4dot=\" de4dot-2.0.3\\de4dot\"\nset java7=\"C:\\Program Files (x86)\\Java\\jre7\\bin\\java\"\nset procyon=\"procyon-decompiler-0.5.7.jar\"\n```\n\n2.\tRun\n\n```\nBinrev [Source folder] [Output folder]\n```\n\nOutput\n============\n* /java/decompiled: decompiled Java class files\n* /native: native win32 libraries\n* /native/resextract: native win32 resource files\n* /net/decompiled: decompiled .NET projects\n* /net/bin: .NET libraries and executables\n* /net/deobs: deobfuscated .NET libraries\n* /logs: strings on native libraries, exportable functions, dependencies, list of decompiled and native dlls\n* /other: unhandled file extensions","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetspi%2Fbinrev","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnetspi%2Fbinrev","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetspi%2Fbinrev/lists"}