-
Notifications
You must be signed in to change notification settings - Fork 957
Repository Overview
Peter Matula edited this page May 4, 2023
·
5 revisions
-
ar-extractor
- library for extracting object files from archives (based on LLVM). -
bin2llvmir
- library of LLVM passes for translating binaries into LLVM IR modules. -
capstone2llvmir
- binary instructions to LLVM IR translation library. -
common
- library implementing objects commonly used all across other modules. -
config
- library for representing and managing RetDec configuration databases. -
cpdetect
- library for compiler and packer detection in binaries. -
ctypes
- library for representing C function data types. -
ctypesparser
- library for parsing C function data types from JSON files intoctypes
representation. -
debugformat
- library for uniform representation of DWARF and PDB debugging information. -
demangler
- demangling library capable to handle names generated by the GCC/Clang, Microsoft Visual C++, and Borland C++ compilers. -
fileformat
- library for parsing and uniform representation of various object file formats. Currently supporting the following formats: COFF, ELF, Intel HEX, Mach-O, PE, raw data. -
llvmir-emul
- LLVM IR emulation library used for unit testing. -
llvmir2hll
- library for translating LLVM IR modules to high-level source codes (C, Python-like language). -
loader
- library for uniform representation of binaries loaded to memory. Supports the same formats as fileformat. -
macho-extractor
- library for extracting regular Mach-O binaries from fat Mach-O binaries (based on LLVM). -
patterngen
- binary pattern extractor library. -
pdbparser
- Microsoft PDB files parser library. -
pelib
- Microsoft Portable Executable files manipulation library. -
retdec
- the main decompilation library. -
rtti-finder
- library for finding GCC/Clang and MSVC RTTI structures inside binaries. -
serdes
- library for serializing and deserializing various RetDec classes. -
stacofin
- static code finder library. -
unpacker
- collection of unpacking functions. -
utils
- general C++ utility library. -
yaracpp
- C++ wrapper for YARA.
Notes:
- Library names are also RetDec component names that could be used in
find_package(retdec <version> REQUIRED COMPONENTS <component> [...])
. - CMake target associated with
<component>
is always namedretdec::<component>
. - Build and installation of an individual
<component>
can be enabled by settingRETDEC_ENABLE_<component>=ON
at CMake configuration. - See retdec-build-system-tests for demos on how to use these.
-
ar-extractortool
- frontend for the ar-extractor library (installed asretdec-ar-extractor
). -
bin2pat
- generates patterns from binaries (installed asretdec-bin2pat
). -
capstone2llvmirtool
- frontend for thecapstone2llvmir
library (installed asretdec-capstone2llvmir
). -
demanglertool
- frontend for thedemangler
library (installed asretdec-demangler
). -
fileinfo
- the main binary analysis tool. Supports the same formats asfileformat
(installed asretdec-fileinfo
). -
getsig
- generates signatures from binary files (installed asretdec-getsig
). -
idr2pat
- tool for extracting patterns from IDR knowledge bases (installed asretdec-idr2pat
). -
macho-extractortool
- frontend for themacho-extractor
library (installed asretdec-macho-extractor
). -
pat2yara
- tool for processing patterns to YARA signatures (installed asretdec-pat2yara
). -
retdec-decompiler
- the main decompilation application -- frontend for theretdec
library. This is the tool to use for full binary-to-C decompilations. -
stacofintool
- frontend for thestacofin
library (installed asretdec-stacofin
). -
unpackertool
- plugin-based unpacker (installed asretdec-unpacker
).
Notes:
- Tool names are also RetDec component names.
- Build and installation of an individual
<component>
can be enabled by settingRETDEC_ENABLE_<component>=ON
at CMake configuration.
- Support scripts:
-
retdec-archive-decompiler.py
- decompiles objects in the given AR archive. -
retdec-fileinfo.py
- a Fileinfo tool wrapper. -
retdec-signature-from-library-creator.py
- extracts function signatures from the given library. -
retdec-unpacker.py
- tries to unpack the given executable file by using any of the supported unpackers. -
retdec-utils.py
- a collection of Python utilities.
-
-
retdec-tests-runner.py
- run all tests in the unit test directory. -
type_extractor
- generation of type information (for internal use only)