In this post I list all the popular vulnerability research and reverse engineering tools. In each category I list the tool(s) I personally use first, followed by alternatives. Pirating software is illegal, but all of the paid programs can be found on pirate websites ;).

Disassemblers and Reverse Engineering Tools

Disassemblers decode the machine instructions in a binary into their readable assembly representation. The following programs have evolved beyond simple disassembly into full reverse engineering platforms, with features such as custom symbol naming, graphical views of code flow, and cross-references from the assembly to functions and data. The more advanced tools also support decompilation, which is the process of converting the assembly into higher-level code such as C or C++.

  • IDA Pro

  • Costs around $2000 for a license with multiple decompilers (free trial available)
  • A feature-limited freeware version is available here.
  • Supports decompiling
  • ~170 community sourced plugins here
  • My personal favorite and the most popular among the global security community
  • Available for macOS, Linux, and Windows

  • Radare2

  • Free open-source software 🙂 available for download here
  • Supports decompiling
  • ~40 community plugins available here
  • Available for macOS, Linux, and Windows

  • Binary Ninja

  • $150 personal license
  • A feature-limited demo version is available here
  • Supports decompiling
  • ~70 community plugins available here
  • Available for macOS, Linux, and Windows

  • Ghidra

  • Originally developed by the NSA, but now free open-source software 🙂 available for download here
  • Supports decompiling
  • ~10 community plugins available here
  • Available for macOS, Linux, and Windows

  • JEB Pro

  • Costs $1800 for a license (free trial available)
  • A feature-limited demo version is available here
  • Supports decompiling
  • ~20 plugins available here
  • Available for macOS, Linux, and Windows

Debuggers

Debuggers are very helpful for dynamically analyzing the flow of a program, and equally helpful for debugging an exploit.

  • WinDbg

  • Free but closed source. Can be downloaded from the Microsoft Store or with the Windows SDK
  • By far the most powerful Windows debugger on the list.
  • Very steep learning curve
  • I recommend this theme (there is no easy way to import themes except .reg files)
  • My personal favorite Windows debugger
  • Available for Windows

  • GDB

  • Free and open source 🙂. Can be installed with “apt-get install gdb”
  • Relatively steep learning curve because of the command-line interface
  • I recommend installing the pwndbg extension for better colors and more features
  • My personal favorite Linux debugger
  • Available for macOS, Linux and Windows

  • OllyDbg

  • Free and open source 🙂. Can be downloaded here
  • The most gradual learning curve
  • Available for Windows

Executable Analysis Tools

The following tools are helpful for getting a quick look at an executable's internals when opening a full reverse engineering platform such as IDA would be overkill.

  • CFF Explorer

  • Free and open source 🙂. Can be downloaded from here
  • Easy to use GUI
  • Available for Windows

  • GNU ELF utils

  • Free and open source 🙂. Can be installed with “apt-get install elfutils”
  • Command-line interface
  • Available for macOS, Linux and Windows

Windows Specific Research Tools

  • Sysinternals Suite

  • Free. Can be downloaded here
  • The most diverse and useful set of Windows tools in one package.
  • Powerful programs, for example “procmon”, which lets you view all file operations a program makes
  • Easy to use GUI
  • Available for Windows

  • Resource Hacker

  • Free. Can be downloaded here
  • Allows viewing and editing executable file resources
  • Especially useful when a program loads many of its strings from its resource table via the LoadStringA() WinAPI call
  • Easy to use GUI
  • Available for Windows

Hex Editor Tools

  • 010 Editor

  • $50 license for home users
  • Free trial available with any download from here
  • Includes parsers for common file types, and you can easily add your own
  • Includes helpful scripts that can be applied to selected parts of the file, such as hash operations
  • My go-to hex editor
  • Easy to use GUI
  • Available for macOS, Linux and Windows

  • HxD

  • Free. Can be downloaded here
  • Easy to use GUI
  • Available for Windows

Source Code Analysis Tools

Tools for hunting for vulnerabilities in source code.

  • Source Insight

  • $239 for home license
  • Free trial available here
  • My favorite source code viewer
  • Easy to use GUI
  • Packed with features
  • Available for Windows

  • Visual Studio Code

  • Free and open source 🙂. Download here
  • Great when you want a lightweight interface
  • Available for macOS, Linux and Windows

Documentation

This is sometimes overlooked, but it’s so important. For example, do you remember how snprintf behaves on Windows when the input is too long? Does _snprintf behave the same way? The answer is that it doesn’t, and that’s why it’s handy to have documentation around.
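As an added example (not code from the original post), here is a bounded formatter in C that handles the difference the paragraph above points at: C99 snprintf always NUL-terminates and returns the length the full output would have needed, while the _snprintf/_vsnprintf family in MSVC before Visual Studio 2015 returns -1 on overflow and leaves the buffer unterminated when it fills it. The function names, the 8-byte buffer and the "user:" prefix are constructed for the demo.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Bounded formatter that reports truncation and always leaves buf
 * NUL-terminated, under either snprintf contract. Returns 1 if the
 * whole output fit, 0 if it was cut short (or size == 0). */
int format_checked(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;
    if (size == 0) return 0;
    va_start(ap, fmt);
#if defined(_MSC_VER) && _MSC_VER < 1900
    /* Pre-VS2015 MSVC: _vsnprintf returns -1 when the output exceeds the
     * buffer and writes no terminator when it fills or exceeds it, so the
     * caller must terminate by hand. */
    n = _vsnprintf(buf, size, fmt, ap);
    buf[size - 1] = '\0';
#else
    /* C99 vsnprintf: always terminates (size > 0) and returns the length
     * the full output would have had, so n >= size signals truncation. */
    n = vsnprintf(buf, size, fmt, ap);
#endif
    va_end(ap);
    return n >= 0 && (size_t)n < size;
}

/* Constructed 8-byte target buffer for the demonstration below. */
static char g_last[8];

/* Formats "user:<name>" into the 8-byte buffer; returns the fit flag. */
int format_name_into_small_buffer(const char *name)
{
    return format_checked(g_last, sizeof g_last, "user:%s", name);
}

/* Exposes the buffer contents for inspection after a call. */
const char *last_formatted(void)
{
    return g_last;
}

int main(void)
{
    int fit = format_name_into_small_buffer("longname");
    printf("fit=%d buffer=\"%s\"\n", fit, last_formatted());
    return 0;
}
```

The check is the same on both paths: a return value outside 0..size-1 means the output did not fit, and the buffer is usable as a C string either way.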

  • MSDN

  • For everything Microsoft related

  • Linux MAN pages

  • For everything UNIX related

As usual, if I missed anything let me know :P