Python Reverse Engineering

Open-source Python projects categorized as Reverse Engineering Edit details

Top 23 Python Reverse Engineering Projects

  • owasp-mstg

    The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

    Project mention: Moving from Web application pentesting to mobile. | reddit.com/r/AskNetsec | 2022-04-04

    - OWASP is as usual a good resource: https://owasp.org/www-project-mobile-security-testing-guide/

  • pwndbg

    Exploit Development and Reverse Engineering with GDB Made Easy

    Project mention: Hacked GDB Dashboard Puts It All on Display | news.ycombinator.com | 2022-03-24

    There are a lot of these types of tools already in the reverse engineering community (in order of lowest chance of breaking when you throw really weird stuff at it):

    GEF: https://gef.readthedocs.io/en/master/

    PWNDBG: https://github.com/pwndbg/pwndbg

    PEDA: https://github.com/longld/peda

    They also come with a slew of different features to aid in RE/exploit dev, but many of them are also useful for debugging really weird issues.

  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

  • gef

    GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers

    Project mention: Debugging with GDB | news.ycombinator.com | 2022-03-21

    I still struggle with GDB but my excuse is that I seldom use it.

    When I was studying reverse engineering though, I came across a really cool kit (which I've yet to find an alternative for lldb, which would be nice given: rust)

    I'd recommend checking it out, if for no other reason than it makes a lot of things really obvious (like watching what value lives in which register).

    https://github.com/hugsy/gef

    LLDB's closest alternative to this is called Venom, but it's not the same at all. https://github.com/ovh/venom

  • androguard

    Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)

    Project mention: Awesome CTF : Top Learning Resource Labs | reddit.com/r/TutorialBoy | 2021-11-13

    Androguard - Reverse engineer Android applications.

  • qiling

    Qiling Advanced Binary Emulation Framework

    Project mention: Qiling Advanced Binary Emulation Framework | news.ycombinator.com | 2022-04-15
  • ROPgadget

    This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures.

    Project mention: Awesome CTF : Top Learning Resource Labs | reddit.com/r/TutorialBoy | 2021-11-13

    ROP Gadget - Framework for ROP exploitation.

  • apkleaks

    Scanning APK file for URIs, endpoints & secrets.

    Project mention: Scan the apk file to check its different layers | reddit.com/r/NETSECSOFT | 2022-01-09

    git clone https://github.com/dwisiswant0/apkleaks

  • Scout APM

    Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

  • plasma

    Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

    Project mention: Awesome CTF : Top Learning Resource Labs | reddit.com/r/TutorialBoy | 2021-11-13

    Plasma - An interactive disassembler for x86/ARM/MIPS which can generate indented pseudo-code with colored syntax.

  • miasm

    Reverse engineering framework in Python

    Project mention: Reverse Engineering Framework in Python | news.ycombinator.com | 2022-03-26
  • flare-ida

    IDA Pro utilities from FLARE team

  • AppleNeuralHash2ONNX

    Convert Apple NeuralHash model for CSAM Detection to ONNX.

    Project mention: Frage zur drohenden Chatkontrolle | reddit.com/r/de_EDV | 2022-05-13
  • PINCE

    A reverse engineering tool that'll supply the place of Cheat Engine for linux

    Project mention: Cheat engine alternatives ? | reddit.com/r/linux_gaming | 2022-03-17
  • pyinstxtractor

    PyInstaller Extractor

    Project mention: Synack Red Team Five CTF Writeup - Rev | dev.to | 2022-05-05

    It's a Pyinstaller binary.(I have used it once before, so I just knew it by checking the file.) Use https://github.com/extremecoders-re/pyinstxtractor to extract its source code archive in binary (by just running python pyinstxtractor.py ./backdoor or something), now many .pyc files are extracted. Find src.pyc and it's malformed as Python3.9, so https://github.com/rocky/python-uncompyle6/ denies to decompile. But challenge information says it's Python3.8, so I write helloworld python script and execute it with Python3.8. It yields Python3.8 .pyc file. Analyze it and find signature is \x55. Change src.pyc's signature from \x61 to \x55 and decompile by running uncompyle6 backdoor-src.38.pyc > backdoor-src.py

  • tenet

    A Trace Explorer for Reverse Engineers

    Project mention: I'm looking for a program-flow highlighting tool. Any ideas? | reddit.com/r/AskReverseEngineering | 2022-02-08

    Tenet: use a specific trace output (see tracers) and import the trace into IDA, which then gets a colorized view. You can also play the trace forward and backward à la Windbg TTD.

  • vivisect

  • OpenWifiPass

    An open source implementation of Apple's Wi-Fi Password Sharing protocol in Python.

  • drakvuf-sandbox

    DRAKVUF Sandbox - automated hypervisor-level malware analysis system

    Project mention: Want to setup a malware analysis Sandbox on Windows 10. Almost giving up... | reddit.com/r/cybersecurity | 2021-07-21

    Why not have a look at DRAKVUF? Supports W10 2004 guests: https://github.com/CERT-Polska/drakvuf-sandbox

  • netzob

    Netzob: Protocol Reverse Engineering, Modeling and Fuzzing

    Project mention: Awesome Penetration Testing | dev.to | 2021-10-06

    Netzob - Reverse engineering, traffic generation and fuzzing of communication protocols.

  • vmlinux-to-elf

    A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)

    Project mention: FYI: Synology SRM 1.3 is still running Linux kernel 4.4.60 though it's 64 bit ARM for RT6600ax | reddit.com/r/synology | 2022-05-11
  • reFlutter

    Flutter Reverse Engineering Framework

    Project mention: Flutter Reverse Engineering Framework | reddit.com/r/cybersecurity | 2022-05-16
  • pwndra

    A collection of pwn/CTF related utilities for Ghidra

  • hobbits

    A multi-platform GUI for bit-based analysis, processing, and visualization

    Project mention: Hobbits is a software platform for analyzing, processing, and visualizing bits | news.ycombinator.com | 2021-11-19
  • unipacker

    Automatic and platform-independent unpacker for Windows binaries based on emulation

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-05-16.

Python Reverse Engineering related posts

Index

What are some of the best open-source Reverse Engineering projects in Python? This list will help you:

Project Stars
1 owasp-mstg 9,063
2 pwndbg 4,668
3 gef 4,647
4 androguard 3,988
5 qiling 3,507
6 ROPgadget 3,064
7 apkleaks 3,026
8 plasma 2,967
9 miasm 2,799
10 flare-ida 1,722
11 AppleNeuralHash2ONNX 1,465
12 PINCE 1,299
13 pyinstxtractor 994
14 tenet 905
15 vivisect 759
16 OpenWifiPass 696
17 drakvuf-sandbox 681
18 netzob 654
19 vmlinux-to-elf 637
20 reFlutter 596
21 pwndra 516
22 hobbits 492
23 unipacker 454
Find remote jobs at our new job board 99remotejobs.com. There are 4 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
Developer Ecosystem Survey 2022
Take part in the Developer Ecosystem Survey 2022 by JetBrains and get a chance to win a Macbook, a Nvidia graphics card, or other prizes. We’ll create an infographic full of stats, and you’ll get personalized results so you can compare yourself with other developers.
surveys.jetbrains.com