nullbind/binrev

Binrev - Automate reversing Windows binaries for pentesters

Here is a rough description of what it does, and what tools it is using:

For exe, dll files:

  1. Detect and de-obfuscate .NET libraries with de4dot
  2. Decompile .NET libraries with JustDecompile
  3. Zip decompiled source code to netsources.zip
  4. Run strings against native libraries
  5. Export callable functions with dllexp. You can then try to run those functions with command Rundll32 ,
  6. Export dependencies with depends
  7. Extract native resources with resourcesextract

For jar files:

  1. Extract and combine Java classes into a single zip file
  2. Decompile Java sources with procyon
  3. Zip decompiled source code to javasources.zip

Requirement

Usage

  1. Configure the correct paths to the installed tools in the script:

      set justdecompile="JustDecompile\JustDecompile"
      set dllexp="dllexp\dllexp"
      set peverify=peverify
      set zip="7-Zip\7z"
      set strings="strings"
      set de4dot="de4dot-2.0.3\de4dot"
      set java7="C:\Program Files (x86)\Java\jre7\bin\java"
      set procyon="procyon-decompiler-0.5.7.jar"

  2. Run:

      Binrev [Source folder] [Output folder]

Output

  • /java/decompiled: decompiled Java class files
  • /native: native win32 libraries
  • /native/resextract: native win32 resource files
  • /net/decompiled: decompiled .NET projects
  • /net/bin: .NET libraries and executables
  • /net/deobs: deobfuscated .NET libraries
  • /logs: strings on native libraries, exportable functions, dependencies, list of decompiled and native dlls
  • /other: unhandled file extensions
