RetDec is a retargetable machine-code decompiler based on LLVM.
The decompiler is not limited to any particular target architecture, operating system, or executable file format:
- Supported file formats: ELF, PE, Mach-O, COFF, AR (archive), Intel HEX, and raw machine code.
- Supported architectures (32b only): Intel x86, ARM, MIPS, PIC32, and PowerPC.
- Static analysis of executable files with detailed information.
- Compiler and packer detection.
- Loading and instruction decoding.
- Signature-based removal of statically linked library code.
- Extraction and utilization of debugging information (DWARF, PDB).
- Reconstruction of instruction idioms.
- Detection and reconstruction of C++ class hierarchies (RTTI, vtables).
- Demangling of symbols from C++ binaries (GCC, MSVC, Borland).
- Reconstruction of functions, types, and high-level constructs.
- Integrated disassembler.
- Output in two high-level languages: C and a Python-like language.
- Generation of call graphs, control-flow graphs, and various statistics.
This repository contains the following libraries:
bin2llvmir— library of LLVM passes for translating binaries into LLVM IR modules.debugformat— library for uniform representation of DWARF and PDB debugging information.dwarfparser— library for high-level representation of DWARF debugging information.llvm-support— set of LLVM related utility functions.llvmir2hll— library for translating LLVM IR modules to high-level source codes (C, Python-like language).
bin2llvmirtool— frontend for thebin2llvmirlibrary.llvm2hlltool— frontend for thellvmir2hlllibrary.
decompile.sh— the main decompilation script binding it all together. This is the tool to use for full binary-to-C decompilations.- Support scripts used by
decompile.sh:color-c.py— decorates output C sources with IDA color tags — syntax highlighting for IDA.config.sh— decompiler’s configuration file.decompile-archive.sh— decompiles objects in the given AR archive.fileinfo.sh— a Fileinfo tool wrapper.signature-from-library.sh— extracts function signatures from the given library.unpack.sh— tries to unpack the given executable file by using any of the supported unpackers.
- Other utility scripts:
decompile-all.sh— decompiles all executables in the given directory and subdirectories.run-unit-test.sh— run all tests in the unit test directory.utils.sh— a collection of bash utilities.
Also Read: [BlackHat tool] XDiFF: Extended Differential Fuzzing Framework
Hello, Viewers We offer timely analysis and in-person experiences that form the basis of our professional articles. Our editorial section is a reflection of the emerging technology trends. Our tagline “Fresh News of Technology and More” tries to address the same diversity. 
No comments:
Post a Comment