Avast has open-sourced its machine code decompiler and analytical tool, RetDec, in a move to help the cybersecurity community fight against malicious software. The tool enables you to study application code without actually having to run the application.
“Decompilers can be used in a variety of situations,” wrote the Avast Threat Intelligence Team in a post. “The most obvious is reverse engineering when searching for bugs, vulnerabilities, or analyzing malicious software. Decompilation can also be used to retrieve lost source code when comparing two executables, or to verify that a compiled program does exactly what is written in its source code.”
The company open-sourced the tool because it wants a generic tool for analyzing code that is not limited to a single platform.
“By preserving a program’s functionality, we want the source code to reflect what the input program does as accurately as possible; otherwise, we risk assuming the program does one thing, when it really does another,” the team wrote.
RetDec has been in development since 2011, when it was created as a joint project by AVG Technologies and the Faculty of Information Technology of the Brno University of Technology in the Czech Republic. Avast acquired AVG in 2016 and continued the work on finishing the decompiler.
Features include support for new file formats and architectures, static analysis of executable files, compiler and packer detection, loading and instruction decoding, signature-based removal of statically linked library code, and more. For a complete list of features, see here.
Developers can try out the decompiler in their browser using Avast’s web service. It can also be accessed using the REST API.
Top 5 trending projects on GitHub this week:
- parcel: Blazing fast, zero configuration web application bundler
- Turi Create: A project designed to simplify the development of custom machine learning models
- Coding Interview University: Study to become a software engineer
- muuri: Responsive, sortable, filterable and draggable grid layouts