Reverse engineering can be applied to different aspects of software as well as hardware development activities. In the context of software engineering, reverse engineering entails breaking something down to understand it. Also, build a copy to fix certain bugs in software as well as to enhance product features in both hardware and software.
GHIDRA
Ghidra is a software reverse engineering (SRE) framework developed by NSA's Research Directorate for NSA's cybersecurity mission. It helps analyze malicious code and malware-like viruses and can give cybersecurity professionals a better understanding of potential vulnerabilities in their networks and systems.
edb-debugger
- Intuitive GUI interface
- The usual debugging operations (step-into/step-over/run/break)
- Conditional breakpoints
- A debugging core is implemented as a plugin so people can have drop-in replacements. Of course, if a given platform has several debugging APIs available, then you may have a plugin that implements any of them.
- Basic instruction analysis
- View/Dump memory regions
- Effective address inspection
- The data dump view is tabbed, allowing you to have several views of memory open at the same time and quickly switch between them.
- Importing and generation of symbol maps
- Plugins
- To run the tool type, edb in the terminal.
- Visit the official site for more information.
JavaSnoop
Normally, without access to the original source code, testing the security of a Java client is unpredictable at best and unrealistic at worst. JavaSnoop attempts to solve this problem by allowing you to attach to an existing process (like a debugger) and instantly begin tampering with method calls, run custom code, or just watch what’s happening on the system.
- It comes pre-installed in Kali Linux.
- To run the tool type, javasnoop is in the terminal.
- Visit the official site for more information.
OllyDbg
OllyDbg is a 32-bit assembler-level analyzing debugger for Microsoft Windows. Emphasis on binary code analysis makes it particularly useful in cases where the source is unavailable. Some key features are:
- It has an easy-to-use and fairly intuitive GUI making it a relatively quick study.
- Code analysis - traces registers, recognizes procedures, loops, API calls, switches, tables, constants, and strings
- Directly loads and debugs DLLs
- Object file scanning - locates routines from object files and libraries
- Saves patches between sessions write them back to executable file, and updates fixups
- No installation - no trash in the registry or system directories
- Although it is free, it is NOT open-source.
- Visit the official site for more information.
JADX
JADX (Dex to Java decompiler) is a CLI/GUI tool to produce Java source code from Android Dex and APK files. It is open-source software. It comes pre-installed in Kali Linux. Some key features are:
- decompile Dalvik bytecode to java classes from APK, dex, aar, and zip files
- decode AndroidManifest.xml and other resources from resources.arsc
- deobfuscator included
- view decompiled code with highlighted syntax
- jump to declaration
- find usage
- full-text search
- To run type, jadx-gui in the terminal.
- Visit the official GitHub repository.
- What is Reverse Engineering
- Reverse Engineering Tool - Ghidra
- OS focused on Reverse Engineering for Mobile Applications - Click Here!
- OS focused on Reverse Engineering and Malware Analysis - Click Here!
We hope this helps. If any suggestions or doubts you can add a comment and we will reply as soon as possible.
No comments:
Post a Comment