Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 C Reverse Engineering Projects
-
Unicorn Engine
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
capstone
Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), BPF, Ethereum VM, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.
-
pafish
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
ret-sync
ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
-
Hacking-Windows
A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.
-
dumpulator
An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: Unicorn – lightweight multi-platform, multi-architecture CPU emulator framework | news.ycombinator.com | 2024-05-03
Project mention: Rise: Accelerate the Development of Open Source Software for RISC-V | news.ycombinator.com | 2023-05-31Maybe then they can help us with the Capstone[1][2] disassembly engine auto-sync (automatic synchronization from the LLVM TableGen files) effort[3]. ARMv7, ARMv8/9, PowerPC are nearly finished, and MIPS in in near-term plans. Nobody stepped in for RISC-V yet.
[1] http://www.capstone-engine.org/
[2] https://github.com/capstone-engine/capstone
[3] https://github.com/capstone-engine/capstone/issues/2015
Project mention: Is there still a way to counter virtual machine detection by popular anti cheat? | /r/VFIO | 2023-12-05Pafish is what you asking for, but as u/ForceBlade wrote, you cannot win this game.
Just for the record, for nicer inspection of files with such debug information, including compressed sections, and debuginfod support, Rizin[1] can be used, since starting from the 0.7.0 release[2] all of those were added.
[1] https://rizin.re
[2] https://github.com/rizinorg/rizin/releases/tag/v0.7.0
Project mention: Platform for Architecture-Neutral Dynamic Analysis (Panda) | news.ycombinator.com | 2024-03-11
Project mention: [Gen 3] Using RNG manipulation and the Dewford Trend to Determine Feebas Tiles and Secret ID | /r/pokemonrng | 2023-09-13When you start a new game, the game generates the Dewford phrases (and Feebas tile seeds) from EasyChat words by making some calls to RNG, shown here in InitDewfordTrend and SeedTrendRng. To summarize (assume H16 is the upper 16 bits of the RNG seed on that advancement): It makes a call on Advance x to determine the first word, always pulled from CONDITIONS (H16 % 69) It calls RNG on Advance x+1 to determine whether the second word is from LIFESTYLE or HOBBIES (H16 & 1, LIFESTYLE if it's 1, HOBBIES if it's 0) Then it calls RNG on Advance x+2 to determine what that word will be (H16 % 45 for LIFESTYLE, H16 % 54 for HOBBIES) It calls RNG on Advance x+3 to determine whether the trendiness is increasing or decreasing (not important for this, but it's H16 & 1) It calls RNG on advance x+4 to try setting the maximum trendiness If this value is greater than 50, it calls RNG again (on advance x+5) to try setting the max trendiness. If this value is greater than 80, it calls RNG a third time (on advance x+6) to set the max trendiness (each of these calls are H16 % 98) Once it has the max trendiness (takes the result from above and adds 30, giving a max value of 127), it calls RNG to set the current trendiness (the value itself isn't really important for our purpose, but it's (H16 % (max trendiness value+1)) +30, where the max trendiness value is the value before adding 30. This value also has a max of 127) Finally, it calls RNG to set the associated Feebas seed (H16)
Fortunately, some people have made third party tools that can allow you to do it yourself, if you're handy with python.https://github.com/o-gs/dji-firmware-tools
Project mention: PC Ports, Decompilations, Remakes, Demakes, Fan Games, Conversion Mods, Texture Packs! | /r/SteamDeck | 2023-06-01Please include ReDriver2! A recompilation of PS1's Driver 2. I finished it a few days ago and has a good set of advantages over emulating. There's a mini guide in an old post in this sub but I wanted to make a more datailed guide
There's a command-line utility called pixd [1] that generates similar data visualizations on the command line. That said, it only shows static representations of binary data and is not nearly as cool as buredoranna's animated gifs showing filesystem changes over time.
It can be helpful to plot these sorts of pixel arrangements on a Hilbert curve, rather than plotting pixels line by line. I learned this trick from a Ghidra plugin called cantordust [2]. 3blue1brown offers some mathematical intuition for the effectiveness of a Hilbert curve pixel arrangement [3].
[1] https://github.com/FireyFly/pixd
C Reverse Engineering related posts
-
Deep Dive into XZ Utils Backdoor – Columbia Engineering Guest Lecture [video]
-
Steam Controller reverse engineering and customization project
-
Platform for Architecture-Neutral Dynamic Analysis (Panda)
-
Decompilation of Paper Mario for N64
-
TR1X: Open-source re-implementation of Tomb Raider 1
-
Is there still a way to counter virtual machine detection by popular anti cheat?
-
Rizin – Free and Open Source Reverse Engineering Framework
-
A note from our sponsor - InfluxDB
www.influxdata.com | 10 May 2024
Index
What are some of the best open-source Reverse Engineering projects in C? This list will help you:
Project | Stars | |
---|---|---|
1 | radare2 | 19,659 |
2 | Unicorn Engine | 7,181 |
3 | capstone | 7,055 |
4 | pafish | 3,087 |
5 | rizin | 2,455 |
6 | Il2CppInspector | 2,426 |
7 | panda | 2,419 |
8 | pokeemerald | 2,048 |
9 | ret-sync | 1,889 |
10 | php-spx | 1,888 |
11 | dji-firmware-tools | 1,383 |
12 | Hacking-Windows | 1,254 |
13 | papermario | 1,220 |
14 | REDRIVER2 | 1,015 |
15 | pokefirered | 891 |
16 | pokeruby | 748 |
17 | PDBRipper | 747 |
18 | radare2-book | 743 |
19 | VAC | 675 |
20 | dumpulator | 666 |
21 | dethrace | 627 |
22 | VAC-Bypass | 526 |
23 | pixd | 525 |
Sponsored