JEB x86 Decompiler / x86-64 Decompiler
JEB Intel decompilers allow reverse engineers to analyze malicious Intel x86 32-bit and 64-bit programs.
Cut down on costly reverse engineering time: use our interactive decompilers for x86 and x86-64 binaries to analyze Windows malware.
The x86 decompiler and x86-64 decompiler, as well as the Intel x86 analysis modules, provide the following features:
- Support most code object files: Windows PE (EXE binaries, DLL libraries, SYS drivers), Linux ELF, Mach-O, headless firmware, etc.
- Augmented disassembly including resolution of dynamic callsites, candidate values determination for registers, dynamic cross-references, etc.
- Decompilation of x86 and x86-64 to C-like source code.
- Advanced optimization passes to thwart protected or obfuscated code. Power users can craft their
own optimizers (example)
- Win32 type libraries, Kernel type libraries for efficient Windows file analysis.
Power-users can generate their own typelibs as well (details)
- Signature libraries of common SDK, including all versions of Microsoft Visual Studio.
- Interactive layer allowing refactoring: type definition, stackframe building, renaming/commenting/cross-referencing, etc.
- Full API and access to the Intermediate Representations to perform advanced and/or automated code analysis in Python or Java
- (Coming soon) Partial Class Recovery and Decompilation to C++ for programs compiled with MS VCPP
(Beta access - demo video).
The Intel reverse-engineering modules ship with JEB Pro and JEB Home Edition x86