REC is a portable reverse engineering compiler, or decompiler. It reads an executable file and attempts to produce a C-like representation of the code and data used to build it. It can decompile 386, 68k, PowerPC, and MIPS R3000 programs. It recognizes the following file formats: ELF (System V Rel. 4, e.g. Linux, Solaris, etc.), COFF (System V Rel. 3.x, e.g. SCO), PE (Win32 .EXE and .DLL for Microsoft Windows 95 and NT), AOUT (BSD derivatives, e.g. SunOS 4.x), Playstation PS-X (MIPS target only), and raw binary data (via .cmd files).
Fenris is a multipurpose tracer, debugger, and code analysis tool that detects and documents high-level language constructions, can recover symbols, graph program execution flow, detect internal functions, recover symbol tables, and deal with anti-debugging protection. It features a command-line interface as well as a SoftICE-alike GUI and Web frontend.
The GCC XML Tree Node Introspector project consists of a patch to the gcc compiler to output the internal compiler tree nodes in RDF/XML and programs to process that RDF/XML. The tree nodes are complex data structures which represent the source code inside the compiler. Through these tree nodes, users are able to extract information from their programs that would be otherwise very difficult to obtain. Modules exist to store these nodes in Redland RDF using a Berkley database. The long-term goal of the project is create a high-level API that will make the programmatic manipulation of programs easier than it is now.
Industria is a collection of portable R6RS Scheme libraries for cryptography (AES, DES, Blowfish, HMAC, MD5, SHA-1, SHA-2, RSA, DSA, etc.), zip/gzip/zlib decompression, disassembly of amd64 machine code, Off-The-Record messaging, bytevector pack/unpack syntax, TLS connections via custom binary ports, and more.
Linice is a source-level kernel debugger for x86 systems with the look and feel of SoftIce for MS Windows. It is designed for people who are already familiar with SoftIce, but anyone can quickly get used to it. It can break into a running kernel at any time using a hotkey and supports breakpoints and single step on modules, the kernel, or user programs. It supports the VGA frame buffer, the X Window System, serial connections, and monochrome adapters.