Top 23 Python Reverse Engineering Projects
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).Project mention: Moving from Web application pentesting to mobile. | reddit.com/r/AskNetsec | 2022-04-04
- OWASP is as usual a good resource: https://owasp.org/www-project-mobile-security-testing-guide/
Exploit Development and Reverse Engineering with GDB Made EasyProject mention: Hacked GDB Dashboard Puts It All on Display | news.ycombinator.com | 2022-03-24
There are a lot of these types of tools already in the reverse engineering community (in order of lowest chance of breaking when you throw really weird stuff at it):
They also come with a slew of different features to aid in RE/exploit dev, but many of them are also useful for debugging really weird issues.
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineersProject mention: Debugging with GDB | news.ycombinator.com | 2022-03-21
I still struggle with GDB but my excuse is that I seldom use it.
When I was studying reverse engineering though, I came across a really cool kit (which I've yet to find an alternative for lldb, which would be nice given: rust)
I'd recommend checking it out, if for no other reason than it makes a lot of things really obvious (like watching what value lives in which register).
LLDB's closest alternative to this is called Venom, but it's not the same at all. https://github.com/ovh/venom
Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)
Androguard - Reverse engineer Android applications.
Qiling Advanced Binary Emulation FrameworkProject mention: Qiling Advanced Binary Emulation Framework | news.ycombinator.com | 2022-04-15
This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures.
ROP Gadget - Framework for ROP exploitation.
Scanning APK file for URIs, endpoints & secrets.Project mention: Scan the apk file to check its different layers | reddit.com/r/NETSECSOFT | 2022-01-09
git clone https://github.com/dwisiswant0/apkleaks
Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.
Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
Plasma - An interactive disassembler for x86/ARM/MIPS which can generate indented pseudo-code with colored syntax.
Reverse engineering framework in PythonProject mention: Reverse Engineering Framework in Python | news.ycombinator.com | 2022-03-26
IDA Pro utilities from FLARE team
Convert Apple NeuralHash model for CSAM Detection to ONNX.Project mention: Frage zur drohenden Chatkontrolle | reddit.com/r/de_EDV | 2022-05-13
A reverse engineering tool that'll supply the place of Cheat Engine for linuxProject mention: Cheat engine alternatives ? | reddit.com/r/linux_gaming | 2022-03-17
PyInstaller ExtractorProject mention: Synack Red Team Five CTF Writeup - Rev | dev.to | 2022-05-05
It's a Pyinstaller binary.(I have used it once before, so I just knew it by checking the file.) Use https://github.com/extremecoders-re/pyinstxtractor to extract its source code archive in binary (by just running python pyinstxtractor.py ./backdoor or something), now many .pyc files are extracted. Find src.pyc and it's malformed as Python3.9, so https://github.com/rocky/python-uncompyle6/ denies to decompile. But challenge information says it's Python3.8, so I write helloworld python script and execute it with Python3.8. It yields Python3.8 .pyc file. Analyze it and find signature is \x55. Change src.pyc's signature from \x61 to \x55 and decompile by running uncompyle6 backdoor-src.38.pyc > backdoor-src.py
A Trace Explorer for Reverse EngineersProject mention: I'm looking for a program-flow highlighting tool. Any ideas? | reddit.com/r/AskReverseEngineering | 2022-02-08
Tenet: use a specific trace output (see tracers) and import the trace into IDA, which then gets a colorized view. You can also play the trace forward and backward à la Windbg TTD.
An open source implementation of Apple's Wi-Fi Password Sharing protocol in Python.
DRAKVUF Sandbox - automated hypervisor-level malware analysis systemProject mention: Want to setup a malware analysis Sandbox on Windows 10. Almost giving up... | reddit.com/r/cybersecurity | 2021-07-21
Why not have a look at DRAKVUF? Supports W10 2004 guests: https://github.com/CERT-Polska/drakvuf-sandbox
Netzob: Protocol Reverse Engineering, Modeling and FuzzingProject mention: Awesome Penetration Testing | dev.to | 2021-10-06
Netzob - Reverse engineering, traffic generation and fuzzing of communication protocols.
A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)Project mention: FYI: Synology SRM 1.3 is still running Linux kernel 4.4.60 though it's 64 bit ARM for RT6600ax | reddit.com/r/synology | 2022-05-11
Flutter Reverse Engineering FrameworkProject mention: Flutter Reverse Engineering Framework | reddit.com/r/cybersecurity | 2022-05-16
A collection of pwn/CTF related utilities for Ghidra
A multi-platform GUI for bit-based analysis, processing, and visualizationProject mention: Hobbits is a software platform for analyzing, processing, and visualizing bits | news.ycombinator.com | 2021-11-19
Automatic and platform-independent unpacker for Windows binaries based on emulation
Python Reverse Engineering related posts
Ghidra-dark: Dark theme installer for Ghidra
1 project | news.ycombinator.com | 24 Jun 2022
1 project | reddit.com/r/Csgohacks | 20 May 2022
dewolf: Improving Decompilation by leveraging User Surveys
2 projects | reddit.com/r/ReverseEngineering | 15 May 2022
Flutter Reverse Engineering Framework
1 project | reddit.com/r/cybersecurity | 16 May 2022
Install Custom WatchFace on Iphone
1 project | reddit.com/r/miband | 15 May 2022
Reverse engineering Flutter apps
1 project | reddit.com/r/netsec | 14 May 2022
Frage zur drohenden Chatkontrolle
1 project | reddit.com/r/de_EDV | 13 May 2022
What are some of the best open-source Reverse Engineering projects in Python? This list will help you:
Are you hiring? Post a new remote job listing for free.