Alternatives and similar repositories for Detect-It-Easy

Users that are interested in Detect-It-Easy are comparing it to the libraries listed below

• horsicq / DIE-engine

  View on GitHub
  DIE engine
  ☆2,962Updated this week
• x64dbg / x64dbg

  View on GitHub
  An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
  ☆47,738Feb 7, 2026Updated last week
• x64dbg / ScyllaHide

  View on GitHub
  Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide
  ☆4,001Jun 4, 2024Updated last year
• hasherezade / pe-sieve

  View on GitHub
  Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…
  ☆3,553Oct 31, 2025Updated 3 months ago
• mandiant / capa

  View on GitHub
  The FLARE team's open-source tool to identify capabilities in executable files.
  ☆5,821Updated this week
• winsiderss / systeminformer

  View on GitHub
  A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsid…
  ☆13,616Updated this week
• hasherezade / pe-bear

  View on GitHub
  Portable Executable reversing tool with a friendly GUI
  ☆3,475Nov 2, 2025Updated 3 months ago
• rizinorg / cutter

  View on GitHub
  Free and Open Source Reverse Engineering Platform powered by rizin
  ☆18,355Feb 6, 2026Updated last week
• de4dot / de4dot

  View on GitHub
  .NET deobfuscator and unpacker.
  ☆7,340Aug 29, 2020Updated 5 years ago
• NationalSecurityAgency / ghidra

  View on GitHub
  Ghidra is a software reverse engineering (SRE) framework
  ☆64,304Updated this week
• mandiant / flare-vm

  View on GitHub
  A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…
  ☆8,338Dec 23, 2025Updated last month
• ayoubfaouzi / al-khaser

  View on GitHub
  Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
  ☆6,849Feb 1, 2026Updated last week
• mrexodia / TitanHide

  View on GitHub
  Hiding kernel-driver for x86/x64.
  ☆2,609Sep 2, 2025Updated 5 months ago
• dnSpy / dnSpy

  View on GitHub
  .NET debugger and assembly editor
  ☆28,930Dec 20, 2020Updated 5 years ago
• mandiant / flare-floss

  View on GitHub
  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
  ☆3,877Feb 3, 2026Updated last week
• dnSpyEx / dnSpy

  View on GitHub
  Unofficial revival of the well known .NET debugger and assembly editor, dnSpy
  ☆9,760Jan 29, 2026Updated 2 weeks ago
• horsicq / Nauz-File-Detector

  View on GitHub
  Linker/Compiler/Tool detector for Windows, Linux and MacOS.
  ☆568Updated this week
• HyperDbg / HyperDbg

  View on GitHub
  State-of-the-art native debugging tools
  ☆3,627Updated this week
• WerWolv / ImHex

  View on GitHub
  🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
  ☆52,592Updated this week
• qilingframework / qiling

  View on GitHub
  A True Instrumentable Binary Emulation Framework
  ☆5,807Nov 5, 2025Updated 3 months ago
• hfiref0x / UACME

  View on GitHub
  Defeating Windows User Account Control
  ☆7,350Jan 11, 2026Updated last month
• can1357 / NoVmp

  View on GitHub
  A static devirtualizer for VMProtect x64 3.x. powered by VTIL.
  ☆2,080Aug 8, 2021Updated 4 years ago
• onethawt / idaplugins-list

  View on GitHub
  A list of IDA Plugins
  ☆3,805May 31, 2024Updated last year
• TheWover / donut

  View on GitHub
  Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…
  ☆4,452Jul 8, 2025Updated 7 months ago
• NtQuery / Scylla

  View on GitHub
  Imports Reconstructor
  ☆1,324Apr 5, 2023Updated 2 years ago
• horsicq / XPEViewer

  View on GitHub
  PE file viewer/editor for Windows, Linux and MacOS.
  ☆1,189Updated this week
• ThunderCls / xAnalyzer

  View on GitHub
  xAnalyzer plugin for x64dbg
  ☆1,185Aug 13, 2025Updated 6 months ago
• capstone-engine / capstone

  View on GitHub
  Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX,…
  ☆8,545Updated this week
• mandiant / flare-ida

  View on GitHub
  IDA Pro utilities from FLARE team
  ☆2,435Oct 29, 2024Updated last year
• hasherezade / hollows_hunter

  View on GitHub
  Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…
  ☆2,310Oct 31, 2025Updated 3 months ago
• unicorn-engine / unicorn

  View on GitHub
  Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
  ☆8,747Jan 17, 2026Updated 3 weeks ago
• mentebinaria / retoolkit

  View on GitHub
  Reverse Engineer's Toolkit
  ☆5,167May 1, 2025Updated 9 months ago
• gentilkiwi / mimikatz

  View on GitHub
  A little tool to play with Windows security
  ☆21,253May 11, 2025Updated 9 months ago
• DarthTon / Blackbone

  View on GitHub
  Windows memory hacking library
  ☆5,343Jan 26, 2024Updated 2 years ago
• bootleg / ret-sync

  View on GitHub
  ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja…
  ☆2,296Jan 29, 2026Updated 2 weeks ago
• lief-project / LIEF

  View on GitHub
  LIEF - Library to Instrument Executable Formats (C++, Python, Rust)
  ☆5,272Feb 3, 2026Updated last week
• hasherezade / tiny_tracer

  View on GitHub
  A Pin Tool for tracing API calls etc
  ☆1,616Updated this week
• radareorg / radare2

  View on GitHub
  UNIX-like reverse engineering framework and command-line toolset
  ☆23,053Feb 7, 2026Updated last week
• VirusTotal / yara

  View on GitHub
  The pattern matching swiss knife
  ☆9,408Updated this week