HACKER LISTS HACKING PROGRAMMING

SUBSCRIBE TO HACKER LISTS

Home Hacking 13 Awesome Deobfuscation Tools For Reverse Engineers VIA EMAIL

13 Awesome Deobfuscation Tools For

Enter your email address to subscribe
to Hacker Lists and receive notications
of new lists by email.

Reverse Engineers Email Address

A CURATED LIST OF AWESOME DEOBFUSCATION TOOLS Subscribe

FOR REVERSE ENGINEERS.

1.BALBUZARD
Balbuzard is a package of malware analysis tools in python to extract patterns of FOLLOW US
interest from suspicious les (IP addresses, domain names, known le headers,

interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by
bruteforcing and checking for those patterns.

2. DE4DOT
LIKE HACKER LISTS ON
de4dot is an open source (GPLv3) .NET deobfuscator and unpacker written in C#. It will
FACEBOOK
try its best to restore a packed and obfuscated assembly to almost the original
assembly. Most of the obfuscation can be completely restored (eg. string encryption),
but symbol renaming is impossible to restore since the original names arent (usually)
part of the obfuscated assembly.It uses dnlib to read and write assemblies so make
sure you get it or it wont compile.
Popular Recent
3. FLOSS
22 Hacking Sites, CTFs and
FireEye Labs Obfuscated String Solver (FLOSS) uses advanced static analysis
Wargames To Practice Your
techniques to automatically deobfuscate strings from malware binaries.
Hacking Skills

16 Free Machine Learning

4. IHEARTXOR Books

 iheartxorcan be used to bruteforce xor encoded strings within a user dened regular
expression pattern (-r). The default search pattern is a regular expression of that
searches for data between null bytes (\x00). The tool can also be used to do a The Ultimate List of
straight xor on a le with -f le.name -k value. The value must between 0x0-0x255. TensorFlow Resources:
Books, Tutorials, Libraries and

5. NOMOREXOR More

NoMoreXORhelps guess a les 256 byte XOR key by using frequency analysis. Learn SQL: 50+ of the Best
Online Educational
Resources to Learn SQL and
6. PACKERATTACKER
Relational Database
The Packer Attacker is a generic hidden code extractor for Windows malware. It Management
supports the following types of pacers:running from heap, replacing PE header,
13 Awesome Deobfuscation
injecting in a process.
Tools For Reverse Engineers

7. UNPACKER
unpacker is a automated malware unpacker for Windows malware based on
WinAppDbg.

8. UNXOR
unxorwill search through an XOR-encoded le (binary, text-le, whatever) and use
known-plaintext attacks to deduce the original keystream. Works on keys half as long
as the known-plaintext, in linear complexity.

9.VIRTUALDEOBFUSCATOR
VirtualDeobfuscator is a reverse engineering tool for virtualization wrappers.The goal
of the Virtual Deobfuscator is to analyze a runtrace and lter out the VM processing
instructions, leaving a reverse engineer with a bytecode version of the original binary.

10.XORBRUTEFORCER
XORBruteForcer is a python script that implements a XOR bruteforcing of a given le,
although a specic key can be used too. Its possible to look for a word in the xored
result, minimizing the output.

11. XORSEARCH

 XORSearch is a program to search for a given string in an XOR, ROL, ROT or SHIFT
encoded binary le.XORSearch will try all XOR keys (0 to 255), ROL keys (1 to 7), ROT
keys (1 to 25) and SHIFT keys (1 to 7) when searching.

12. XORSTRINGS
XORStrings will search for strings in the (binary) le you provide it, using the same
encodings as XORSearch (XOR, ROL, ROT and SHIFT). For every encoding/key,
XORStrings will search for strings and report the number of strings found, the average
string length and the maximum string length.

13. XORTOOL
xortool is a python script that will attempt toguess the XOR key length (based on
count of equal chars), as well asthe key itself (based on knowledge of most frequent
char).

If you know of any more deobfuscation tools that you think should be on this list, please let
me know by leaving a comment on this post and I will get them added.

SUBSCRIBE TO BLOG VIA EMAIL

Enter your email address to subscribe to this blog and receive notications of new posts by
email.

Email Address

Subscribe

Tags: Reverse Engineering

Related Posts
Android Logo Information Security hacking sites

26 Awesome Android The Ultimate List of 100+ 22 Hacking Sites, CTFs and
Reverse Engineering Tools Information Security Wargames To Practice Your
Resources Hacking Skills

Memory Analysis Tools Binary Numbers

8 Awesome Memory 11 Alternatives to IDA Pro

Analysis Tools Disassembler

2 Comments
Esefarm JULY 6, 2016
Im pretty new to this stu and only used JavaScript deobfuscation tools like JSDetox
which is really nice, check it out.
Reply

Hacker Lists JULY 6, 2016

Thanks for the recommendation. Ill give it a look.
Reply

Leave a Reply

Comment Text*

Name*

Email*

Website

Post Comment
 Post Comment

Notify me of follow-up comments by email.

Notify me of new posts by email.

Hacker Lists Copyright 2017. Theme by MyThemeShop