Top 23 Reverse Engineering Open-Source Projects

1. Awesome-Hacking

   1 12 92,411 3.8

   A collection of various awesome lists for hackers, pentesters and security researchers

   

2. InfluxDB

   www.influxdata.com featured

   InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

   

3. gpt4free

   2 44 64,197 9.9 Python

   The official gpt4free repository | various collection of powerful language models | o4, o3 and deepseek r1, gpt-4.1, gemini 2.5

   

4. ghidra

   3 133 56,959 10.0 Java

   Ghidra is a software reverse engineering (SRE) framework

   

   Project mention: The Future of Crash Analysis: AI Meets WinDBG | news.ycombinator.com | 2025-05-04

   Ghidra also has a debugger, see https://github.com/NationalSecurityAgency/ghidra/blob/master...

5. ImHex

   4 56 48,859 9.9 C++

   🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

   

   Project mention: Ask HN: What are good high information density UIs (screenshots, apps, sites) | news.ycombinator.com | 2025-05-08

   I find Geizhals' filtering options reasonably compact and information dense. https://geizhals.de/?cat=gra16_512&xf=132_16384&pg=1&view=li...

   I like the simple table view of RPiLocator. Only a few columns, but lots of rows, no unneeded clutter. https://rpilocator.com/

   Not as compact as possible, but at least shows quite some information: GSMArena. It could fit more phones into the comparison table with less whitespace/greyspace though. https://www.gsmarena.com/compare.php3?idPhone1=10386&idPhone...

   All sites as viewed on desktop, on mobile this would likely not work out.

   I also want to echo the command line tools mention in another comment. GDB's TUI is reasonable for my use, but after some experience this recently posted terminal debugger might be better: https://github.com/al13n321/nnd via https://news.ycombinator.com/item?id=43905185

   Also the hex editor I am currently using, despite some problems: https://github.com/WerWolv/ImHex

   An example of an information dense GUI that might be a bit overwhelming is Ghidra: https://en.wikipedia.org/wiki/Ghidra (page includes a basic screenshot, you can fill your screen(s) with as many sub windows and information panes as you want)

   As a side note, while trying to find examples I realized just how few websites there are (any more?) that show a lot of information at the same time. Worst recent offender is YouTube's redesign with only 3 video tiles in a row on a 1440p screen, luckily easily fixed via a ublock rule.

6. x64dbg

   5 34 46,006 9.3 C++

   An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

   

   Project mention: Debugging bugs in x64dbg debugger. Step out to GUI | dev.to | 2024-11-19

   Several months have passed since the last part was posted. Maintainers of x64dbg have continued to improve its functionality. They also opened a task to update the development tools. So in this post, we will continue the analysis based on commit f518e50 code and, where possible, we'll compare it with the commit 9785d1a, which is accurate at the time of writing.

7. Apktool

   6 65 22,011 8.5 Java

   A tool for reverse engineering Android apk files

   

   Project mention: Conducting forensics of mobile devices to find signs of a potential compromise | news.ycombinator.com | 2025-03-16

   I'd be curious if anyone has tried this for Android and what kind of stuff it's checking for. Sideloaded APKs can often contain malicious stuff, but it's nearly impossible to know if it's doing anything suspicious unless you open it up with a tool like Apktool [1] or run it on Triage [2] as it supports Android and watch what it's doing. Most antivirus for Android is pretty much a joke, as far as I'm concerned.

   [1] https://github.com/iBotPeaches/Apktool?tab=readme-ov-file

   [2] https://tria.ge/

8. radare2

   7 9 21,639 9.9 C

   UNIX-like reverse engineering framework and command-line toolset

   

9. SaaSHub

   www.saashub.com featured

   SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

   

10. cutter

    8 40 16,475 8.4 C++

    Free and Open Source Reverse Engineering Platform powered by rizin

    

    Project mention: NSA Ghidra open-source reverse engineering framework | news.ycombinator.com | 2024-05-28

    Rizin[1]/Cutter[2] projects are stored like text files that work well with git, you could try those tools.

    [1] https://rizin.re

    [2] https://cutter.re

11. Awesome-Hacking-Resources

    9 5 15,694 0.0

    A collection of hacking / penetration testing resources to make you better!

    

12. owasp-mastg

    10 23 12,203 9.8 Python

    The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

    

    Project mention: The Case for Standards in Mobile App Security | dev.to | 2024-07-31

    The OWASP Mobile Application Security (MAS) flagship project provides a robust security standard for mobile apps, known as the OWASP MASVS, along with a comprehensive testing guide (OWASP MASTG). These resources cover the processes, techniques, and tools used during a mobile app security test, ensuring consistent and complete results.

13. Reverse-Engineering-Tutorial

    11 19 12,095 8.8 Assembly

    A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.

    

    Project mention: Reverse Engineering – Lesson 1: x86 Course (Part 1: Goals) | news.ycombinator.com | 2024-12-20

14. openhaystack

    12 75 11,430 5.7 Swift

    Build your own 'AirTags' 🏷 today! Framework for tracking personal Bluetooth devices via Apple's massive Find My network.

    

    Project mention: Turning a Bluetooth Device into an Apple AirTag Without Root Privileges | news.ycombinator.com | 2025-02-27

15. YoutubeDownloader

    13 21 11,410 8.0 C#

    Downloads videos and playlists from YouTube

    

16. mitmproxy2swagger

    14 15 8,866 5.6 HTML

    Automagically reverse-engineer REST APIs via capturing traffic

    

    Project mention: Automated Documentation for APIs | dev.to | 2025-04-07

    Solutions to this problem generate API documentation automatically. Libraries such as drf-spectacular use code structure and semantics in back-end frameworks to infer API contracts. API frameworks such as FastAPI and Huma generate OpenAPI specifications as a built-in feature. Tools like mitmproxy2swagger generate documentation from HAR files. Finally, companies such as Akita Software/Postman use network traffic metadata.

17. Detect-It-Easy

    15 18 8,653 9.8 JavaScript

    Program for determining types of files for Windows, Linux and MacOS.

    

18. pwndbg

    16 10 8,595 9.7 Python

    Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

    

    Project mention: Pleasant Debugging with GDB and DDD | news.ycombinator.com | 2024-11-16

    It's written for exploit development, but even for debugging a C program. It makes things a lot nicer.

    https://pwndbg.re/

19. Unicorn Engine

    17 19 8,162 9.3 C

    Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)

    

    Project mention: Unicorn Engine 2.1.2 | news.ycombinator.com | 2025-02-13

20. capstone

    18 11 8,004 9.0 C

    Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.

    

    Project mention: Capstone Disassembler Framework | news.ycombinator.com | 2024-09-25

    It just updated to the nearly latest LLVM, so that argument is void: https://github.com/capstone-engine/capstone/blob/next/docs/c...

21. Il2CppDumper

    19 12 7,684 4.0 C#

    Unity il2cpp reverse engineer

    

    Project mention: Il2CppDumper: Open-Source Tool for Unity Il2cpp Reverse Engineering | news.ycombinator.com | 2024-10-06

22. gef

    20 18 7,490 7.4 Python

    GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

    

    Project mention: Bit Vectors and my first steps into assembly | news.ycombinator.com | 2024-12-25

23. flare-vm

    21 23 7,230 8.9 PowerShell

    A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

    

24. ipatool

    22 27 6,860 5.7 Go

    Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store

    

25. MonkeyDev

    23 4 6,640 0.0 Objective-C

    CaptainHook Tweak、Logos Tweak and Command-line Tool、Patch iOS Apps, Without Jailbreak.

    

26. SaaSHub

    www.saashub.com featured

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    

Reverse Engineering related posts

• The Future of Crash Analysis: AI Meets WinDBG

  5 projects | news.ycombinator.com | 4 May 2025

• Nnd – a TUI debugger alternative to GDB, LLDB

  5 projects | news.ycombinator.com | 6 May 2025

• LIEF – Library to Instrument Executable Formats

  1 project | news.ycombinator.com | 1 May 2025

• SEninja: Symbolic execution plugin for Binary Ninja

  1 project | news.ycombinator.com | 30 Apr 2025

• Reverse engineering of Linear's sync engine endorsed by its CTO

  1 project | news.ycombinator.com | 28 Apr 2025

• Fujihack

  1 project | news.ycombinator.com | 28 Apr 2025

• Reverse Engineering Linear's Sync Engine

  1 project | news.ycombinator.com | 23 Apr 2025
• A note from our sponsor - InfluxDB
  www.influxdata.com | 16 May 2025

  InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now. Learn more →

Index

Sponsored

InfluxDB – Built for High-Performance Time Series Workloads

InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

www.influxdata.com