Geek-Guy.com

Malware Reversing

Here’s a list of some of the best malware reversing tools from Geek-Guy.com, extracted from the most complete archives of the site's Malware Reversing resource page, with current, functional links organized by category:

Disassemblers & Debuggers

Tool Name | URL
IDA Free / Pro | https://hex-rays.com/ida-free/
Ghidra | https://ghidra-re.org/
x64dbg | https://x64dbg.com/
OllyDbg | http://www.ollydbg.de/
WinDbg | https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/
Radare2 | https://www.radare.org/

Static Analysis & PE Tools

Tool Name | URL
PEStudio | https://www.winitor.com/
PE-bear | https://github.com/hasherezade/pe-bear
CFF Explorer | https://ntcore.com/?page_id=388
Detect It Easy (DIE) | https://github.com/horsicq/Detect-It-Easy
Strings | https://learn.microsoft.com/en-us/sysinternals/downloads/strings
Resource Hacker | http://www.angusj.com/resourcehacker/

Dynamic Analysis & Monitoring

Tool Name | URL
Process Hacker | https://processhacker.sourceforge.io/
Procmon (Process Monitor) | https://learn.microsoft.com/en-us/sysinternals/downloads/procmon
Process Explorer | https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer
Regshot | https://sourceforge.net/projects/regshot/
Wireshark | https://www.wireshark.org/
FakeNet-NG | https://github.com/mandiant/flare-fakenet-ng

Decompilers & Scripting

Tool Name | URL
dnSpy (for .NET) | https://github.com/dnSpy/dnSpy
dotPeek | https://www.jetbrains.com/decompiler/
JD-GUI (for Java) | http://java-decompiler.github.io/
PyLingual | https://pylingual.io/

Sandboxing & Automated Analysis

Tool Name | URL
Cuckoo Sandbox | https://cuckoosandbox.org/
CAPE Sandbox | https://github.com/kevoreilly/CAPEv2
Any.Run | https://any.run/
Hybrid Analysis | https://www.hybrid-analysis.com/

Specialized Frameworks

Tool Name | URL
FLARE-VM | https://github.com/mandiant/flare-vm
REMnux | https://remnux.org/