
nullbind/binrev

 
 

Binrev - Automate reversing Windows binaries for pentesters

Here is a rough description of what it does and which tools it uses:

For exe, dll files:

  1. Detect and de-obfuscate .NET libraries with de4dot
  2. Decompile .NET libraries with JustDecompile
  3. Zip decompiled source code to netsources.zip
  4. Run strings against native libraries
  5. Export callable functions with dllexp. You can then try to run those functions with the command Rundll32 ,
  6. Export dependencies with depends
  7. Extract native resources with resourcesextract

For jar files:

  1. Extract and combine java classes into a single zip file
  2. Decompile java sources with procyon
  3. Zip decompiled source code to javasources.zip

Requirement

Usage

  1. Configure the correct paths to the installed tools in the script:

      set justdecompile="JustDecompile\JustDecompile"
      set dllexp="dllexp\dllexp"
      set peverify=peverify
      set zip="7-Zip\7z"
      set strings="strings"
      set de4dot="de4dot-2.0.3\de4dot"
      set java7="C:\Program Files (x86)\Java\jre7\bin\java"
      set procyon="procyon-decompiler-0.5.7.jar"

  2. Run:

      Binrev [Source folder] [Output folder]

Output

  • /java/decompiled: decompiled Java class files
  • /native: native win32 libraries
  • /native/resextract: native win32 resource files
  • /net/decompiled: decompiled .NET projects
  • /net/bin: .NET libraries and executables
  • /net/deobs: deobfuscated .NET libraries
  • /logs: strings on native libraries, exportable functions, dependencies, list of decompiled and native dlls
  • /other: unhandled file extensions
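
The split between /net/bin and /native depends on telling managed assemblies from native PE files, and the page does not say how Binrev makes that decision. The following is an added example, not Binrev's own code: it checks the PE header's CLR data directory and maps each file to one of the folders listed above. The function names and the header-only sample files are assumptions constructed for the demonstration.

```python
import os
import struct

CLR_DIR = 14  # IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR: the CLR runtime header

def is_dotnet(data: bytes) -> bool:
    """True if data is a PE image whose CLR data directory is populated."""
    try:
        if data[:2] != b"MZ":
            return False
        (pe_off,) = struct.unpack_from("<I", data, 0x3C)   # e_lfanew
        if data[pe_off:pe_off + 4] != b"PE\0\0":
            return False
        opt = pe_off + 24                  # signature (4) + COFF header (20)
        (magic,) = struct.unpack_from("<H", data, opt)
        if magic not in (0x10B, 0x20B):    # PE32 / PE32+
            return False
        dirs = opt + (96 if magic == 0x10B else 112)
        (count,) = struct.unpack_from("<I", data, dirs - 4)  # NumberOfRvaAndSizes
        if count <= CLR_DIR:
            return False
        rva, size = struct.unpack_from("<II", data, dirs + 8 * CLR_DIR)
        return rva != 0 and size != 0
    except struct.error:                   # truncated or malformed header
        return False

def classify(name: str, data: bytes) -> str:
    """Map one input file to an output folder from the Output list."""
    ext = os.path.splitext(name)[1].lower()
    if ext == ".jar":
        return "java"
    if ext in (".exe", ".dll"):
        return "net/bin" if is_dotnet(data) else "native"
    return "other"

def make_pe(clr: bool, pe32plus: bool = False) -> bytes:
    """Constructed header-only PE sample (not a loadable image)."""
    fixed = 112 if pe32plus else 96
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x80) + b"\0" * 0x40
    opt = struct.pack("<H", 0x20B if pe32plus else 0x10B) + b"\0" * (fixed - 6)
    dirs = bytearray(16 * 8)
    if clr:
        struct.pack_into("<II", dirs, 8 * CLR_DIR, 0x2008, 0x48)
    return dos + b"PE\0\0" + b"\0" * 20 + opt + struct.pack("<I", 16) + bytes(dirs)

if __name__ == "__main__":
    samples = {"app.exe": make_pe(True), "helper.dll": make_pe(False, True),
               "client.jar": b"PK\x03\x04", "notes.txt": b"hello"}
    for name, data in samples.items():
        print(f"{name:12} -> /{classify(name, data)}")
```

An .exe or .dll whose header is truncated or malformed is treated as native here, because routing in this sketch is driven by extension first and the CLR check second.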
