This is a collection of tools you may like if you are interested in reverse engineering and/or malware analysis on x86 and x64 Windows systems. After installing this toolkit you’ll have a folder on your desktop with shortcuts to RE tools like these:

Why do I need it?

You don’t. Obviously, you can download such tools from their own website and install them by yourself in a new VM. But if you download retoolkit, it can probably save you some time. Additionally, the tools come pre-configured so you’ll find things like x64dbg with a few plugins, command-line tools working from any directory, etc. You may like it if you’re setting up a new analysis VM.

Included tools

Tools by category

- .NET
- Compilers
- Debuggers
- Decompilers
- Document analysis
- Hexadecimal editors
- PE analyzers
- PE resources editors
- Process monitors
- Signature tools
- Unpacking
- Utilities

Changelog

v2022.04

Changes:

Added:

- Echo Mirage.
- elfparser-ng.
- entropy (closes #47).
- Force Toolkit.
- MiniDump x64dbg plugin.
- Notepad++.
- OllyDumpEx x64dbg plugin (closes #41).

Removed:

- Bewareircd: Too specific to analyze (now rare?) IRC-based communications.
- dnSpy: Replaced by dnSpyEx.
- HyperDBG: It’s a nice project, but they don’t provide binary releases yet, meaning a lot of work for me.
- JRE: Replaced by JDK, which is required by Ghidra.
- Threadtear: It doesn’t work with JDK required by Ghidra.