{"id":13462748,"url":"https://github.com/tylerha97/awesome-reversing","last_synced_at":"2025-05-14T23:08:08.964Z","repository":{"id":38361265,"uuid":"53292594","full_name":"tylerha97/awesome-reversing","owner":"tylerha97","description":"A curated list of awesome reversing resources","archived":false,"fork":false,"pushed_at":"2023-08-19T07:30:45.000Z","size":7,"stargazers_count":4251,"open_issues_count":15,"forks_count":584,"subscribers_count":197,"default_branch":"master","last_synced_at":"2025-05-09T21:34:14.968Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tylerha97.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2016-03-07T03:20:44.000Z","updated_at":"2025-05-09T20:31:47.000Z","dependencies_parsed_at":"2022-07-12T17:27:44.593Z","dependency_job_id":"2cfadb84-125f-4132-94d2-c57d8b7786cc","html_url":"https://github.com/tylerha97/awesome-reversing","commit_stats":null,"previous_names":["fdivrp/awesome-reversing"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tylerha97%2Fawesome-reversing","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tylerha97%2Fawesome-reversing/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tylerha97%2Fawesome-reversing/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tylerha97%2Fawesome-reversing/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tylerha97","download_url":"https://codeload.github.com/tylerha97/awesome-reversing/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253465864,"owners_count":21913057,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T13:00:29.327Z","updated_at":"2025-05-14T23:08:03.955Z","avatar_url":"https://github.com/tylerha97.png","language":null,"funding_links":[],"categories":["Reverse Engineering","Others","Related Awesome Lists","\u003ca id=\"8c5a692b5d26527ef346687e047c5c21\"\u003e\u003c/a\u003e攢集","Other Lists","Others (1002)","🎩 Hacking","Table of Contents","General","Reverse Engineering Tools","πŸ”— Related Lists","Forensics, Reversing, and OSINT"],"sub_categories":["Password Spraying Tools","TeX Lists","Awesome Repos","Other awesome-Collections","Penetration Testing Report Templates","Bandai Namco (Dragon Ball)","Secure OSes"],"readme":"# awesome-reversing \n\nA curated list of awesome reversing resources \n\n- [Awesome Reversing](#awesome-reversing)\n - [Books](#books)\n - [Courses](#courses)\n - [Channels](#channels)\n - [Practice](#practice)\n - [Hex Editors](#hex-editors)\n - [Binary Format](#binary-format)\n - [Disassemblers](#disassemblers)\n - [Binary Analysis](#binary-analysis)\n - [Bytecode Analysis](#bytecode-analysis)\n - [Import Reconstruction](#import-reconstruction)\n - [Dynamic Analysis](#dynamic-analysis)\n - [Debugging](#debugging)\n - [Mac Decrypt](#mac-decrypt)\n - [Document Analysis](#document-analysis)\n - [Scripting](#scripting)\n - [Android](#android)\n - [Yara](#yara)\n\n- - -\n\n## Books\n\n*Reverse Engineering Books*\n\n* [The IDA Pro Book](http://amzn.com/1593272898)\n* [Reverse Engineering for Beginners](http://beginners.re/)\n* [Assembly Language for Intel-Based Computers (5th Edition) ](http://a.co/4OR6I9U)\n* [Practical Reverse Engineering](http://amzn.com/B00IA22R2Y)\n* [Reversing: Secrets of Reverse Engineering](http://amzn.com/B007032XZK)\n* [Practical Malware Analysis](http://amzn.com/1593272901)\n* [Malware Analyst's Cookbook](http://amzn.com/B0047DWCMA)\n* [Gray Hat Hacking](http://amzn.com/0071832386)\n* [The Art of Memory Forensics](http://amzn.com/1118825098)\n* [Hacking: The Art of Exploitation](http://amzn.com/1593271441)\n* [Fuzzing for Software Security](http://amzn.com/1596932147)\n* [Art of Software Security Assessment](http://amzn.com/0321444426)\n* [The Antivirus Hacker's Handbook](http://amzn.com/1119028752)\n* [The Rootkit Arsenal](http://amzn.com/144962636X)\n* [Windows Internals Part 1](http://amzn.com/0735648735) [Part 2](http://amzn.com/0735665877)\n* [Inside Windows Debugging](http://amzn.com/0735662789)\n* [iOS Reverse Engineering](https://github.com/iosre/iOSAppReverseEngineering)\n* [The Shellcoders Handbook](http://a.co/6H55943)\n* [A Guide to Kernel Exploitation](http://a.co/aM4cENn)\n* [Agner's software optimization resources](http://www.agner.org/optimize/)\n* [Learning Malware Analysis](https://www.amazon.com/Learning-Malware-Analysis-techniques-investigate/dp/1788392507/)\n* [Binary Analysis](https://nostarch.com/binaryanalysis)\n* [Rootkits and Bootkits](https://nostarch.com/rootkits)\n* [Serious Cryptography](https://nostarch.com/seriouscrypto)\n\n## Courses\n\n*Reverse Engineering Courses*\n\n* [Lenas Reversing for Newbies](https://tuts4you.com/download.php?list.17)\n* [Open Security Training](http://opensecuritytraining.info/Training.html)\n* [Dr. Fu's Malware Analysis](http://fumalwareanalysis.blogspot.sg/p/malware-analysis-tutorials-reverse.html)\n* [Binary Auditing Course](http://www.binary-auditing.com/)\n* [TiGa's Video Tutorials](http://www.woodmann.com/TiGa/)\n* [Legend of Random](https://tuts4you.com/download.php?list.97)\n* [Practical Malware Analysis](https://samsclass.info/126/126_S17.shtml)\n* [Modern Binary Exploitation](http://security.cs.rpi.edu/courses/binexp-spring2015/)\n* [RPISEC Malware Course](https://github.com/RPISEC/Malware)\n* [begin.re](https://www.begin.re/)\n* [RE101](https://securedorg.github.io/RE101/)\n* [RE102](https://securedorg.github.io/RE102/)\n* [ARM Assembly Basics](https://azeria-labs.com/writing-arm-assembly-part-1/)\n* [Offensive and Defensive Android Reversing](https://github.com/rednaga/training/raw/master/DEFCON23/O%26D%20-%20Android%20Reverse%20Engineering.pdf)\n\n## Channels\n\n*Binary Analysis Channels*\n\n* [OALabs](https://www.youtube.com/channel/UC--DwaiMV-jtO-6EvmKOnqg)\n* [MalwareTech](https://www.youtube.com/channel/UCLDnEn-TxejaDB8qm2AUhHQ)\n* [GynvaelEN](https://www.youtube.com/user/GynvaelEN)\n* [VirusBtn](https://www.youtube.com/user/virusbtn)\n* [Intro to WinDBG](https://www.youtube.com/playlist?list=PLhx7-txsG6t6n_E2LgDGqgvJtCHPL7UFu)\n* [hasherzade](https://www.youtube.com/channel/UCNWVswPNgn5kutPNa5sprkg)\n* [Colin Hardy](https://www.youtube.com/channel/UCND1KVdVt8A580SjdaS4cZg)\n* [MalwareAnalysisHedgehog](https://www.youtube.com/channel/UCVFXrUwuWxNlm6UNZtBLJ-A)\n\n\n## Practice\n\n*Practice Reverse Engineering. Be careful with malware.*\n\n* [Crackmes.de](http://www.crackmes.de/)\n* [OSX Crackmes](https://reverse.put.as/crackmes/)\n* [ESET Challenges](http://www.joineset.com/jobs-analyst.html)\n* [Flare-on Challenges](http://flare-on.com/)\n* [Github CTF Archives](http://github.com/ctfs/)\n* [Reverse Engineering Challenges](http://challenges.re/)\n* [xorpd Advanced Assembly Exercises](http://www.xorpd.net/pages/xchg_rax/snip_00.html)\n* [Virusshare.com](http://virusshare.com/)\n* [Contagio](http://contagiodump.blogspot.com/)\n* [Malware-Traffic-Analysis](https://malware-traffic-analysis.com/)\n* [Malshare](http://malshare.com/)\n* [Malware Blacklist](http://www.malwareblacklist.com/showMDL.php)\n* [malwr.com](https://malwr.com/)\n* [vxvault](http://vxvault.net/)\n\n## Hex Editors\n\n*Hex Editors*\n\n* [HxD](https://mh-nexus.de/en/hxd/)\n* [010 Editor](http://www.sweetscape.com/010editor/)\n* [Hex Workshop](http://www.hexworkshop.com/)\n* [HexFiend](http://ridiculousfish.com/hexfiend/)\n* [Hiew](http://www.hiew.ru/)\n\n## Binary Format\n\n*Binary Format Tools*\n\n* [CFF Explorer](http://www.ntcore.com/exsuite.php)\n* [Cerbero Profiler](http://cerbero.io/profiler/) // [Lite PE Insider](http://cerbero.io/peinsider/)\n* [Detect It Easy](http://ntinfo.biz/)\n* [PeStudio](http://www.winitor.com/)\n* [PEiD](https://tuts4you.com/download.php?view.398)\n* [PPEE](https://www.mzrst.com/)\n* [MachoView](https://github.com/gdbinit/MachOView)\n* [nm](https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/nm.1.html) - View Symbols\n* [file](https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/file.1.html) - File information\n* [codesign](https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/codesign.1.html) - Code signing information usage: codesign -dvvv filename\n\n## Disassemblers/Decompilers\n\n*Disassemblers/Decompilers*\n\n* [Ghidra](https://ghidra-sre.org/)\n* [IDA Pro](https://www.hex-rays.com/products/ida/index.shtml)\n* [Binary Ninja](https://binary.ninja/)\n* [JEB](https://www.pnfsoftware.com/jeb2/)\n* [Radare](http://www.radare.org/r/)\n* [Hopper](http://hopperapp.com/)\n* [Capstone](http://www.capstone-engine.org/)\n* [objdump](http://linux.die.net/man/1/objdump)\n* [fREedom](https://github.com/cseagle/fREedom)\n* [Retdec](https://retdec.com/)\n* [Snowman](https://derevenets.com/)\n\n## Binary Analysis\n\n*Binary Analysis Resources*\n\n* [Mobius Resources](http://www.msreverseengineering.com/research/)\n* [z3](https://z3.codeplex.com/)\n* [bap](https://github.com/BinaryAnalysisPlatform/bap)\n* [angr](https://github.com/angr/angr)\n\n## Bytecode Analysis\n\n*Bytecode Analysis Tools*\n\n* [dnSpy](https://github.com/0xd4d/dnSpy)\n* [Bytecode Viewer](https://bytecodeviewer.com/)\n* [Bytecode Visualizer](http://www.drgarbage.com/bytecode-visualizer/)\n* [JPEXS Flash Decompiler](https://www.free-decompiler.com/flash/)\n\n## Import Reconstruction\n\n*Import Reconstruction Tools*\n\n* [ImpRec](http://www.woodmann.com/collaborative/tools/index.php/ImpREC)\n* [Scylla](https://github.com/NtQuery/Scylla)\n* [LordPE](http://www.woodmann.com/collaborative/tools/images/Bin_LordPE_2010-6-29_3.9_LordPE_1.41_Deluxe_b.zip)\n\n## Dynamic Analysis\n\n*Dynamic Analysis Tools*\n\n* [ProcessHacker](http://processhacker.sourceforge.net/)\n* [Process Explorer](https://technet.microsoft.com/en-us/sysinternals/processexplorer)\n* [Process Monitor](https://technet.microsoft.com/en-us/sysinternals/processmonitor)\n* [Autoruns](https://technet.microsoft.com/en-us/sysinternals/bb963902)\n* [Noriben](https://github.com/Rurik/Noriben)\n* [API Monitor](http://www.rohitab.com/apimonitor)\n* [iNetSim](http://www.inetsim.org/)\n* [Wireshark](https://www.wireshark.org/download.html)\n* [Fakenet](http://practicalmalwareanalysis.com/fakenet/)\n* [netzob](https://www.netzob.org/)\n* [Volatility](https://github.com/volatilityfoundation/volatility)\n* [Dumpit](http://www.moonsols.com/products/)\n* [LiME](https://github.com/504ensicsLabs/LiME)\n* [Cuckoo](https://www.cuckoosandbox.org/)\n* [Objective-See Utilities](https://objective-see.com/products.html)\n* [XCode Instruments](https://developer.apple.com/xcode/download/) - XCode Instruments for Monitoring Files and Processes [User Guide](https://developer.apple.com/library/watchos/documentation/DeveloperTools/Conceptual/InstrumentsUserGuide/index.html) \n* [dtrace](http://dtrace.org/blogs/brendan/2011/10/10/top-10-dtrace-scripts-for-mac-os-x/) - sudo dtruss = strace [dtrace recipes](http://mfukar.github.io/2014/03/19/dtrace.html)\n* [fs_usage](https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/fs_usage.1.html) - report system calls and page faults related to filesystem activity in real-time. File I/O: fs_usage -w -f filesystem \n* [dmesg](https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/dmesg.8.html) - display the system message buffer\n\n## Debugging\n\n*Debugging Tools*\n\n* [WinDbg](https://msdn.microsoft.com/en-us/windows/hardware/hh852365.aspx)\n* [OllyDbg v1.10](http://www.ollydbg.de/)\n* [OllyDbg v2.01](http://www.ollydbg.de/version2.html)\n* [OllySnD](https://tuts4you.com/download.php?view.2061)\n* [Olly Shadow](https://tuts4you.com/download.php?view.6)\n* [Olly CiMs](https://tuts4you.com/download.php?view.1206)\n* [Olly UST_2bg](https://tuts4you.com/download.php?view.1206)\n* [x64dbg](http://x64dbg.com/#start)\n* [gdb](https://www.gnu.org/software/gdb/)\n* [vdb](https://github.com/vivisect/vivisect)\n* [lldb](http://lldb.llvm.org/)\n* [qira](http://qira.me/)\n* [unicorn](https://github.com/unicorn-engine/unicorn)\n\n## Mac Decrypt\n\n*Mac Decrypting Tools*\n\n* [Cerbero Profiler](http://cerbero-blog.com/?p=1311) - Select all -\u003e Copy to new file\n* [AppEncryptor](https://github.com/AlanQuatermain/appencryptor) - Tool for decrypting\n* [Class-Dump](http://stevenygard.com/projects/class-dump/) - use deprotect option \n* [readmem](https://github.com/gdbinit/readmem) - OS X Reverser's process dumping tool\n\n## Document Analysis\n\n*Document Analysis Tools*\n\n* [Ole Tools](http://www.decalage.info/python/oletools)\n* [Didier's PDF Tools](http://blog.didierstevens.com/programs/pdf-tools/)\n* [Origami](https://github.com/cogent/origami-pdf)\n\n## Scripting\n\n*Scripting*\n\n* [IDA Python Src](https://github.com/idapython/src)\n* [IDC Functions Doc](https://www.hex-rays.com/products/ida/support/idadoc/162.shtml)\n* [Using IDAPython to Make your Life Easier](http://researchcenter.paloaltonetworks.com/tag/idapython/)\n* [Introduction to IDA Python](https://tuts4you.com/download.php?view.3229)\n* [The Beginner's Guide to IDA Python](https://leanpub.com/IDAPython-Book)\n* [IDA Plugin Contest](https://www.hex-rays.com/contests/)\n* [onehawt IDA Plugin List](https://github.com/onethawt/idaplugins-list)\n* [pefile Python Libray](https://github.com/erocarrera/pefile)\n* [ghidra ninja](https://github.com/ghidraninja/ghidra_scripts)\n\n## Android\n\n*Android tools*\n\n* [Android Developer Studio](http://developer.android.com/sdk/index.html)\n* [APKtool](http://ibotpeaches.github.io/Apktool/)\n* [dex2jar](https://github.com/pxb1988/dex2jar)\n* [Bytecode Viewer](https://bytecodeviewer.com/)\n* [IDA Pro](https://www.hex-rays.com/products/ida/index.shtml)\n\n## Yara\n\n*Yara Resources*\n\n* [Yara docs](http://yara.readthedocs.org/en/v3.4.0/writingrules.html)\n* [Cheatsheet](https://gist.github.com/tylerha97/eeabc765e9befad9b80a)\n* [yarGen](https://github.com/Neo23x0/yarGen)\n* [yabin](https://github.com/AlienVault-OTX/yabin)\n* [Yara First Presentation](/Users/thalfpop/Downloads/first_2014_-_schuster-_andreas_-_yara_basic_and_advanced_20140619.pdf)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftylerha97%2Fawesome-reversing","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftylerha97%2Fawesome-reversing","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftylerha97%2Fawesome-reversing/lists"}