---
layout: default
permalink: /RE101/section3/
title: RE Tools
---
[Go Back to Reverse Engineering Malware 101](https://securedorg.github.io/RE101/)

# Section 3: Reverse Engineering (RE) Tools #


## Disassembler

* [Ida](https://www.hex-rays.com/products/ida/)
  * Free (Used in this worksop)
  * Pro
* [Radare](https://www.radare.org)
* [Capstone](http://www.capstone-engine.org/)

## Decompilers

* [Snowman](https://derevenets.com/)
* [dotPeek](https://www.jetbrains.com/decompiler/) .NET decompiler

## Debuggers

* [x64dbg](http://x64dbg.com/) (Used in this worksop)
* [Immunity](https://www.immunityinc.com/products/debugger/)
* [OllyDbg](http://www.ollydbg.de/)  (Most Popular)
* [WinDbg](https://developer.microsoft.com/en-us/windows/hardware/windows-driver-kit)

## Information Gathering

* [CFF Explorer](http://www.ntcore.com/exsuite.php)
* [Sysinternals Suite](https://technet.microsoft.com/en-us/sysinternals/bb842062.aspx)
  * procmon
  * procexplorer
* [InetSim: Internet Services Simulation Suite](http://www.inetsim.org/downloads.html)
* [Yara: pattern matching rule engine](https://virustotal.github.io/yara/)
* [Wireshark](https://www.wireshark.org/download.html) - network sniffing
* [API Monitor](http://www.rohitab.com/downloads)
  
## Support

* [HxD Hex Editor](https://mh-nexus.de/en/hxd/)
* [Python](https://www.python.org/downloads/) - used for automating tasks


[Section 2 <- Back](https://securedorg.github.io/RE101/section2) | [Next -> Section 4](https://securedorg.github.io/RE101/section4)