Capstone

Tool Description

Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security community. Created by Nguyen Anh Quynh, then developed and maintained by a small community, Capstone offers some unparalleled features:

  • Supports multiple hardware architectures: ARM, ARM64 (aka ARMv8), MIPS & x86
  • Has a clean/simple/lightweight/intuitive architecture-neutral API
  • Provides details on each disassembled instruction (called a “decomposer” by others)
  • Provides semantics of the disassembled instruction, such as the list of implicit registers read & written
  • Implemented in pure C, with lightweight wrappers available for C++, Python, Ruby, OCaml, C#, Java and Go
  • Native support for Windows & *nix platforms (Mac OS X, Linux & *BSD confirmed)
  • Thread-safe by design

Tool Source: http://www.capstone-engine.org/index.html

Kali Repo: http://git.kali.org/gitweb/?p=packages/capstone.git;a=summary

Video Tutorial: Coming Soon!

apktool – A tool for re-engineering Android apk files

Tool Description

It is a tool for reverse engineering 3rd-party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after modifications, and it makes it possible to debug smali code step by step. It also makes working with an app easier thanks to its project-like file structure and the automation of repetitive tasks such as building the apk.
It is NOT intended for piracy or other non-legal uses. It can be used for localizing, adding features or support for custom platforms, and other GOOD purposes. Just try to be fair to the authors of an app that you use and probably like.

Tool Source: https://code.google.com/p/android-apktool/

Kali Repo: http://git.kali.org/gitweb/?p=packages/apktool.git;a=summary

Video Tutorial: Coming Soon!

Binwalk – Firmware analysis tool

Tool Description

Binwalk is a tool for searching a given binary image for embedded files and executable code. Specifically, it is designed for identifying files and code embedded inside of firmware images. Binwalk uses the libmagic library, so it is compatible with magic signatures created for the Unix file utility. Binwalk also includes a custom magic signature file which contains improved signatures for files that are commonly found in firmware images such as compressed/archived files, firmware headers, Linux kernels, bootloaders, filesystems, etc.

Tool Source: http://binwalk.org/

Kali Repo: http://git.kali.org/gitweb/?p=packages/binwalk.git;a=summary

Video Tutorial: Coming Soon!