Overview

JEB Decompiler for Intel x86 is a powerful tool designed for reverse engineers to analyze malicious Intel x86 32-bit and 64-bit programs. It provides interactive decompilers for x86 and x86-64 binaries, allowing users to cut down on costly reverse engineering time and efficiently analyze Windows malware. JEB's Intel x86 analysis modules offer augmented disassembly, decompilation to C-like source code, advanced optimization passes, type libraries, signature libraries, and interactive refactoring capabilities.

Features

• Support for Code Object Files: Analyze various code object files, including Windows PE (EXE binaries, DLL libraries, SYS drivers), Linux ELF, Mach-O, and headless firmware.
• Augmented Disassembly: Resolve dynamic callsites, determine candidate values for registers, and create dynamic cross-references.
• Decompilation to C-like Source Code: Decompile x86 and x86-64 binaries to readable C-like source code.
• Advanced Optimization Passes: Thwart protected or obfuscated code with advanced optimization techniques.
• Type Libraries: Utilize type libraries for efficient file analysis, including win32, winddk, linux glibc, android-linux, and more.
• Signature Libraries: Access traditional and codeless signature libraries for common SDKs and libraries used in both malicious and clean applications.
• Interactive Refactoring: Use the GUI client for interactive refactoring, including type definition, stackframe building, renaming, commenting, and cross-referencing.
• Full API Access: Perform advanced and automated code analysis using the Intermediate Representations in Python or Java.
• Safe Emulation: Emulate in-place decryption of obfuscated code safely.
• Partial Class Recovery: Recover and decompile classes to C++ for programs compiled with MS VCPP.

Benefits

• Efficiency: Reduce reverse engineering time by decompiling obfuscated binaries and examining code quickly.
• Comprehensive Analysis: Perform thorough analysis with augmented disassembly, decompilation, and optimization techniques.
• Flexibility: Customize and automate reverse engineering tasks using the JEB API.
• Security Audits: Conduct detailed security audits to identify vulnerabilities and ensure application integrity.
• Ease of Use: Utilize an interactive GUI client for efficient refactoring and analysis.
• Integration: Seamlessly integrate with other tools and workflows to enhance productivity and collaboration.