From Collaborative RCE Tool Library
Decompilers
| Tool name: | DeDe |
| ||
|---|---|---|---|---|
| Author: | DaFixer | |||
| Website: | http://dafixer.cjb.net | |||
| Current version: | 3.50.04 (build 1635) | |||
| Last updated: | June 25, 2006 | |||
| Direct D/L link: | Locally archived copy | |||
| License type: | Free / Open Source | |||
| Description: | DeDe is a very fast application that allows you to analyze executables compiled with Delphi 2,3,4,5,6,7, C++ Builder, Kylix and Kol, and gives you the following: · All .dfm files of the target. You will be able to open and edit them with Delphi. · All published methods in well commented ASM code with references to strings, imported function calls, classes methods calls, components in the unit, Try-Except and Try-Finally blocks. (By default DeDe retrieves only the published methods sources, but you may also process another procedure in a executable if you know the RVA offset using the Tools|Disassemble Proc menu.) · A lot of additional information the files. · You can create a Delphi project folder with all dfm, pas, dpr files. Note: pas files contains the mentioned above well commented ASM code. They can not be recompiled ! You can also: · View the PE Header of all PE Files and change/edit the sections flags. · Use the opcode-to-asm tool for translating intel opcode to assembler. · Use RVA-to-PhysOffset tool for fast converting physical and RVA addresses. · Use the DCU Dumper (view dcu2int.txt for more details) to retrieve near to pascal code of your DCU files. · Use BPL(DPL) Dumper to see BPL exports and create symbol files to use with DeDe disassembler. · Disassemble a target EXE directly from memory in case of a packed exe. ------------ NOTE: The original site seems to be gone (or at least DeDe seems to be gone from it), and the locally archived copy here in this CRCETL entry is not the version with source code included. If someone has a copy of the version with source included, or a version higher than 3.50.02 build 1619 (which is the one we have locally archived, even though at least 3.50.04 build 1635 exists), please upload it here! | |||
| Also listed in: | Delphi Decompilers | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Boomerang |
| ||
|---|---|---|---|---|
| Author: | The Boomerang Decompiler Project | |||
| Website: | http://boomerang.sourceforge.net/ | |||
| Current version: | 0.3.1 | |||
| Last updated: | 2006 | |||
| Direct D/L link: | N/A | |||
| License type: | Free / Open Source | |||
| Description: | A general, open source, retargetable decompiler of machine code programs. This project is an attempt to develop a real decompiler for machine code programs through the open source community. A decompiler takes as input an executable file, and attempts to create a high level, compilable, possibly even maintainable source file that does the same thing. It is therefore the opposite of a compiler, which takes a source file and makes an executable. However, a general decompiler does not attempt to reverse every action of the decompiler, rather it transforms the input program repeatedly until the result is high level source code. It therefore won't recreate the original source file, probably nothing like it. It does not matter if the executable file has symbols or not, or was compiled from any particular language. (However, declarative languages like ML are not considered.) The intent is to create a retargetable decompiler (i.e. one that can decompile different types of machine code files with modest effort, e.g. X86-windows, sparc-solaris, etc). It was also intended to be highly modular, so that different parts of the decompiler can be replaced with experimental modules. It was intended to eventually become interactive, a la IDA Pro, because some things (not just variable names and comments, though these are obviously very important) require expert intervention. Whether the interactivity belongs in the decompiler or in a separate tool remains unclear. By transforming the semantics of individual instructions, and using powerful techniques such as Static Single Assignment dataflow analysis, Boomerang should be (largely) independent of the exact behaviour of the compiler that happened to be used. Optimisation should not affect the results. Hence, the goal is a general decompiler. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | DE Decompiler |
| ||
|---|---|---|---|---|
| Author: | GPcH Soft | |||
| Website: | http://www.de-decompiler.com | |||
| Current version: | 2.0 (updated) | |||
| Last updated: | March 2, 2008 | |||
| Direct D/L link: | http://www.de-decompiler.com/files/de_decompiler_lite.zip | |||
| License type: | Commercial (with demo) | |||
| Description: | DE Decompiler is the unique solution for decompiling the Delphi generated programs (EXE, DLL, OCX). As you know the Delphi programs is the native win32 executable files. DE Decompiler restores most parts of the compiled code and helps you to recover most parts of the lost sources. It contans the powerful disassembler which supports Pentium Pro commands including MMX and SSE extensions. Also it has a useful smart assembler code emulation engine. The build-in disassembler allows you to disassemble a lots of functions and represents it in semi-decompiled mode. DE Decompiler has a wonderful code analyzer which makes your work easy and fast. In addition to all it can search for all the API function's calls and the string references in the disassembled code and comment them out for analyzed strings. If you lost your source codes - DE Decompiler save your time and helps you to restore it. In general, DE Decompiler is the ideal tool for analyzing programs and it is perfect if you lose your source code and need to partially restore the project. | |||
| Also listed in: | Delphi Decompilers | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Desquirr - Decompiler Plugin for IDA Pro |
| ||
|---|---|---|---|---|
| Author: | David Eriksson | |||
| Website: | http://desquirr.sourceforge.net/desquirr/ | |||
| Current version: | 20070130 (desquirr-20070130-bin-ida_v5_0.zip) | |||
| Last updated: | November 13, 2003 | |||
| Direct D/L link: | Locally archived copy | |||
| License type: | Free / Open Source | |||
| Description: | Desquirr is a decompiler plugin for IDA Pro. Desquirr currently consists of a little more than 5000 lines of C++ code, not counting empty lines or lines beginning with comments Read the Master Thesis at http://desquirr.sourceforge.net/desquirr/desquirr_master_thesis.pdf | |||
| Also listed in: | IDA Extensions | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | ExeToC Decompiler |
| ||
|---|---|---|---|---|
| Author: | bookaa | |||
| Website: | http://sourceforge.net/projects/exetoc/ | |||
| Current version: | ||||
| Last updated: | May 23, 2005 | |||
| Direct D/L link: | N/A | |||
| License type: | Free / Open Source | |||
| Description: | Decompile win32 programs and DLLs to C++ step by step. Allows some interactivity. Main functions already work: * Supports if/else/for/do/while/break/switch case/continue * Supports API * Supports C++ head file load * Supports standard library function recognize. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Hex-Rays |
| ||
|---|---|---|---|---|
| Author: | Hex-Rays sprl (Ilfak Guilfanov) | |||
| Website: | http://www.hex-rays.com | |||
| Current version: | 1.0 | |||
| Last updated: | September 17, 2007 | |||
| Direct D/L link: | N/A | |||
| License type: | Commercial (IDA Pro plugin) | |||
| Description: | Hex-Rays is created by Ilfak Guilfanov, famous author of IDA Pro. It is a commercial IDA Pro plugin, and aims to be the best decompiler ever created. | |||
| Also listed in: | IDA Extensions | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | myAut2Exe |
| ||
|---|---|---|---|---|
| Author: | cw2k | |||
| Website: | http://defcon5.biz/phpBB3/viewtopic.php?f=5&t=234 | |||
| Current version: | 2.2 | |||
| Last updated: | ||||
| Direct D/L link: | http://anonym.to/?http://myauttoexe.angelfire.com/myAutToExe2_2_AutoIt3_Decompiler_opensource.zip | |||
| License type: | Open Source | |||
| Description: | AutoIT Script Decompiler | |||
| Also listed in: | Installer Decompilers | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Orca |
| ||
|---|---|---|---|---|
| Author: | Microsoft | |||
| Website: | http://msdn2.microsoft.com/en-us/library/aa370557(VS.85).aspx | |||
| Current version: | ||||
| Last updated: | ||||
| Direct D/L link: | http://www.microsoft.com/downloads/details.aspx?FamilyId=C2B1E300-F358-4523-B479-F53D234CDCCF&displaylang=en | |||
| License type: | Proprietary | |||
| Description: | Orca is a database table editor for creating and editing Windows Installer packages and merge modules. The tool provides a graphical interface for validation, highlighting the particular entries where validation errors or warnings occur. This tool is only available in the Windows SDK Components for Windows Installer Developers. It is provided as an Orca.msi file. After installing the Windows SDK Components for Windows Installer Developers, double click Orca.msi to install the Orca.exe file. | |||
| Also listed in: | Installer Decompilers, Installer Extraction Tools | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | RACEVB6 |
| ||
|---|---|---|---|---|
| Author: | Sarge | |||
| Website: | http://www.racevb6.com | |||
| Current version: | 4.2 | |||
| Last updated: | February 27, 2008 | |||
| Direct D/L link: | http://www.racevb6.com/RaceEx6_4_2.zip | |||
| License type: | Free | |||
| Description: | RACEVB6 is a Visual Basic 6 P-Code analyzer. RACEVB6 can be used to investigate Visual Basic 6 programs compiled to P-Code. RACEVB6 will display not only such typical information as Project data and Form/Control GUI data, but will also make available Procedures names and offsets, their accompanying P-Code opcodes, extract any Pictures or Images contined within the program, and many other pieces of "buried" data. | |||
| Also listed in: | Visual Basic Decompilers | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | RecStudio |
| ||
|---|---|---|---|---|
| Author: | Backer Street Software | |||
| Website: | http://www.backerstreet.com/rec/rec.htm | |||
| Current version: | 2.2 | |||
| Last updated: | July 2, 2007 | |||
| Direct D/L link: | http://www.backerstreet.com/rec/rec22.zip | |||
| License type: | Free | |||
| Description: | REC is a portable reverse engineering compiler, or decompiler. It reads an executable file, and attempts to produce a C-like representation of the code and data used to build the executable file. It is portable because it has been designed to read files produced for many different targets, and it has been compiled on several host systems. RecStudio offers a modern user interface to REC's interactive mode. A command line version is still available for Linux and Solaris hosts. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Reflector for .NET |
| ||
|---|---|---|---|---|
| Author: | Lutz Roeder | |||
| Website: | http://www.aisto.com/roeder/dotnet | |||
| Current version: | 5.0.50.0 (with autoupdate feature) | |||
| Last updated: | Frequently | |||
| Direct D/L link: | http://www.aisto.com/roeder/dotnet/Download.aspx?File=Reflector | |||
| License type: | Free | |||
| Description: | From website: "Reflector is a very powerful class browser, explorer, analyzer and documentation viewer for .NET. Reflector allows to easily view, navigate, search, decompile and analyze .NET assemblies in C#, Visual Basic and IL." This is one of the most powerful .NET decompilers that you can't buy - just download :) Many of the popular commercial tools achieving the same goal "suddenly" got a boost when this masterpiece of work saw a daylights (and besides that those are commercial, still have hard time with obfuscators). Just give it a try, it will last literally five minutes - load some well known assembly of yours, choose target .NET language (!) and let'em work. Then compare it with the original. You'll surely not forget this one. | |||
| Also listed in: | .NET Disassemblers, .NET Decompilers | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | uncc |
| ||
|---|---|---|---|---|
| Author: | littlejohn / megabug | |||
| Website: | http://www.reteam.org/tools.html | |||
| Current version: | 0.1.0 | |||
| Last updated: | ||||
| Direct D/L link: | http://www.reteam.org/tools/tf14.zip | |||
| License type: | Free | |||
| Description: | C decompiler | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | VB Decompiler |
| ||
|---|---|---|---|---|
| Author: | GPcH Soft | |||
| Website: | http://www.vb-decompiler.org | |||
| Current version: | 3.9 | |||
| Last updated: | March 2, 2008 | |||
| Direct D/L link: | http://www.vb-decompiler.org/files/vb_decompiler_lite.zip | |||
| License type: | Shareware | |||
| Description: | VB Decompiler is decompiler for programs (EXE, DLL or OCX) written in Visual Basic 5.0/6.0. As you know, programs in Visual Basic can be compiled into interpreted p-code or into native code. Since p-code consists of high-level commands, there is a real possibility to decompile it into the source code (of course, the names of variables, functions, etc. will not be decompiled). VB Decompiler restores many p-code instructions and although there is a long way to the generation of the source code that can be compiled, the decompiler will make analyzing the program algorithm much easier and partially restore its source code. If a program was compiled into the native code, restoring the source code from machine instructions is not possible. But VB decompiler can help to analyze the program even in this situation as well. It contains a powerful disassembler that supports Pentium Pro commands including MMX and SSE. It allows you to disassemble all functions. There is also a code analyzer that searches for all API function calls and string references in the disassembled code and changes them into comments for analyzed strings. In general, VB Decompiler is an ideal tool for analyzing programs and it is perfect if you lose the source code and need to partially restore the project. | |||
| Also listed in: | Visual Basic Decompilers | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
Feed containing all updates and additions for this category.
Feed containing all updates and additions for this category, including sub-categories.
