Awesome Game Security

A tool for reverse engineering Android apk files

Tutorials, tools, and more as related to reverse engineering video games.

Android virtual machine and deobfuscator

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

State-of-the-art native debugging tools

Android Reverse-Engineering Workbench for VS Code

Makes reverse engineering Android apps easier, automating repetitive tasks like pulling, decoding, rebuilding and patching an APK.

Cross-platform game hack for Counter-Strike 2 with Panorama-based GUI.

edb is a cross-platform AArch32/x86/x86-64 debugger.

A collection of my Frida instrumentation scripts to reverse engineer mobile apps and more.

PE (and elf now!) bin2bin obfuscator

A bunch of Windows anti-debugging tricks for x86 and x64.

LLDB MCP Integration + other helpful commands

The world's first agentic reverse engineer.

Ghidra C++ Class and Run Time Type Information Analyzer

Unofficial frida extension for VSCode

A Binary Genetic Traits Lexer Framework

This tool will allow you to spoof the return addresses of your functions as well as system functions.

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

Loader for VAC Bypass written in C.

Find zero-days while you sleep. DeepZero is an automated vulnerability research framework that parses, decompiles, and analyzes thousands of Windows kernel drivers for exploitable IOCTLs natively using AI agents.

Half-Life 2 SDK Mirrors

Cross-platform streamproof ESP hack for Counter-Strike: Global Offensive, written in modern C++. Rendering and GUI powered by Dear ImGui + FreeType.

GptHidra is a Ghidra plugin that uses the OpenAI Chat GPT to explain functions. With GptHidra, you can easily understand the purpose and behavior of functions in your codebase. Now with GPT4 Support!

Ghidra analyzer for UEFI firmware.

Scan signatures and netvars. Dumps header files, cheat tables and ReClass files.

A dnSpy extension to aid reversing of obfuscated assemblies

GhidRust: Rust decompiler plugin for Ghidra

symbolic execution plugin for binary ninja

.NET Project containing plenty of advanced techniques to detect various types of malicious actions on your software, with syscall support.

A plugin based on IDAPython for a functional DWIM interface. Current development against most recent IDA is in the "persistence-refactor" branch, ancient (but stable) work is in "master", so... create an issue if you want/need something backported. Use "Wiki" or "Discussions" for examples, and smash that "Star" button if you like this.

An AVX Lifter for the Hex-Rays Decompiler

Sharp SM83 / Game Boy extension for Ghidra

An x86-64 code virtualizer for VM based obfuscation

ChatGPT Agent analyses your IDA pseudocode

XEX/XBE loader plugin for IDA 9, and xex1tool, supporting most known Xbox/Xbox360 executable file formats.

binary ninja cli for coding agents

IdaClu is a version agnostic IDA Pro plugin for grouping similar functions. Pick an existing grouping algorithm or create your own.

Invoke functions with a spoofed return address. For 32-bit Windows binaries. Supports __fastcall, __thiscall, __stdcall and __cdecl calling conventions. Written in C++17.

Free open-source training software / cheat for Counter-Strike: Global Offensive, written in C.

IDA Python Script to Get All function names from Event Constructor (VCL)

PE packer/crypter for Windows. compresses and encrypts executables with a custom virtual machine into a self extracting stub.

Brovan is a user-mode x86_64 binary emulator for your malware analysis & reverse engineering.

Vulnerability research assistant that locates calls to potentially insecure API functions in a binary file.

Library containing Anti-RE and Anti-Debug methods.

Reverse engineering assistant that extracts strings and related pseudocode from a binary file.

A Model Context Protocol (MCP) server that enables AI assistants to interact with IDA Pro for reverse engineering and binary analysis tasks.

DSE & PG bypass via BYOVD attack

IDA plugin that displays the P-code for the current function

Drive x64dbg with your AI. MCP server: 23 mega-tools / 153 endpoints for breakpoints, memory, disasm, tracing, anti-debug & PE dumping. Claude/Cursor/Windsurf/Cline. All local.