逆向工具
========================================

二进制
----------------------------------------
- `capstone <https://github.com/aquynh/capstone>`_
- `dnspy <https://github.com/0xd4d/dnspy>`_ .NET debugger and assembly editor
- `binary ninja <https://binary.ninja/>`_
- `HAL <https://github.com/emsec/hal>`_ The Hardware Analyzer
- `LIEF <https://github.com/lief-project/LIEF>`_ Library to Instrument Executable Formats

PE工具
----------------------------------------
- `EXEInfoPE <http://www.exeinfo.xn.pl/>`_
- `DetectIt Easy <http://ntinfo.biz/index.html>`_
- `StudyPE <https://bbs.pediy.com/thread-246459-1.htm>`_

API
----------------------------------------
- `binaryninja api <https://github.com/Vector35/binaryninja-api>`_ Public API, examples, documentation and issues for Binary Ninja 

Bytecode
----------------------------------------
- `bytecode viewer <https://github.com/Konloch/bytecode-viewer>`_ A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
- `pycdc <https://github.com/zrax/pycdc>`_ C++ python bytecode disassembler and decompiler

IDA
----------------------------------------

文档与资料
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- `IDA Tutorials <https://www.hex-rays.com/products/ida/support/tutorials/>`_
- `IDA SDK <https://www.hex-rays.com/products/ida/support/sdkdoc/index.html>`_
- `idapython cheatsheet <https://github.com/inforion/idapython-cheatsheet>`_
- `awesome ida <https://github.com/xrkk/awesome-ida>`_

辅助工具
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- `HexRaysPyTools <https://github.com/igogo-x86/HexRaysPyTools>`_ Find code patterns within the Hexrays AST

插件
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- `IDArling <https://github.com/IDArlingTeam/IDArling>`_
- `abyss <https://github.com/patois/abyss>`_ IDAPython Plugin for Postprocessing of Hexrays Decompiler Output
- `Sark <https://github.com/tmr232/Sark>`_ IDA Plugins & IDAPython Scripting Library
- `IDA minsc <https://github.com/arizvisa/ida-minsc>`_ is a plugin for IDA Pro that assists a user with scripting the IDAPython plugin that is bundled with the disassembler
- `lucid <https://github.com/gaasedelen/lucid>`_ An Interactive Hex-Rays Microcode Explorer
- `grap <https://github.com/QuoSecGmbH/grap/>`_ grap: define and match graph patterns within binaries

Golang插件
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- `golang loader assist <https://github.com/strazzere/golang_loader_assist>`_
- `IDAGolangHelper <https://github.com/sibears/IDAGolangHelper>`_ Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary
- `go parser <https://github.com/0xjiayu/go_parser>`_ Yet Another Golang binary parser for IDAPro

Ghidra
----------------------------------------

文档与资料
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- `Ghidra <https://github.com/NationalSecurityAgency/ghidra>`_
- `Ghidra API Overview <https://ghidra.re/ghidra_docs/api/>`_
- `Ghidra Online Courses <https://ghidra.re/online-courses/>`_
- `Awesome Ghidra <https://github.com/AllsafeCyberSecurity/awesome-ghidra>`_ A curated list of awesome Ghidra materials

插件
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- `Ghidra Cpp Class Analyzer <https://github.com/astrelsky/Ghidra-Cpp-Class-Analyzer>`_
- `GhidraSnippets <https://github.com/cetfor/GhidraSnippets>`_ Python snippets for Ghidra's Program and Decompiler APIs

Radare2
----------------------------------------
- `radare2 <https://github.com/radare/radare2>`_
- `Radare2 Book <https://radare.gitbooks.io/radare2book/content/>`_

Diff
----------------------------------------
- `diaphora <https://github.com/joxeankoret/diaphora>`_
- `polypyus <https://github.com/seemoo-lab/polypyus>`_

Patch
----------------------------------------
- `e9patch <https://github.com/GJDuck/e9patch>`_ A powerful static binary rewriting tool

文件分析
----------------------------------------
- `oletools <https://github.com/decalage2/oletools>`_ python tools to analyze MS OLE2 files and MS Office documents

加壳
----------------------------------------
- `UPX <https://github.com/upx/upx>`_ the Ultimate Packer for eXecutables