JEB Decompiler

JEB is a reverse-engineering platform to perform disassembly, decompilation, debugging, and analysis of code and document files, manually or as part of an analysis pipeline.

Android Decompiler + Android Debuggers Use JEB to perform reverse engineering of malicious APKs and security audits.

• Decompile code using our Dalvik decompiler, including multi-dex APK.
• Refactor the analysis to defeat obfuscated code generated by application protectors.
• Reconstruct resources and obfuscated XML files
• Debug Dalvik code as well as all native code (Intel, ARM), seamlessly
• Automate and script your reverse engineering tasks via our API.

ARM Decompiler Use JEB to reverse engineer programs and malware written for ARM platforms.

• Augmented disassembly including resolution of dynamic callsites and syscalls, candidate values determination for registers, dynamic cross-references, etc.
• Decompilation of ARM 32-bit and ARM-Thumb code to pseudo-C source code.
• Advanced optimization passes to thwart protected or obfuscated code.
• Interactive layer allowing refactoring: type definition, stackframe building, renaming/commenting/cross-referencing, etc.
• Full API to perform advanced and/or automated code analysis in Python or Java.

MIPS Decompiler Use JEB to reverse engineer MIPS embedded programs and malware.

• Augmented disassembly including resolution of dynamic callsites and syscalls, candidate values determination for registers, dynamic cross-references, etc.
• Decompilation of MIPS 32-bit to pseudo-C source code.
• Advanced optimization passes to thwart protected or obfuscated code.
• Interactive layer allowing refactoring: type definition, stackframe building, renaming/commenting/cross-referencing, etc.
• Full API to perform advanced and/or automated code analysis in Python or Java.

Intel Decompiler Use JEB to reverse engineer x86 32-bit and x86 64-bit programs and malware.

• Augmented disassembly including resolution of dynamic callsites, candidate values determination for registers, dynamic cross-references, etc.
• Decompilation of x86 and x86-64 to pseudo-C source code.
• Partial Class Recovery and Decompilation to C++ or programs compiled with MS VCPP
• Advanced optimization passes to thwart protected or obfuscated code.
• Win32 type librariesand common signatures for efficient Windows file analysis.
• Interactive layer allowing refactoring: type definition, stackframe building, renaming/commenting/cross-referencing, etc.
• Full API and access to the Intermediate Representations to perform advanced and/or automated code analysis in Python or Java.

WebAssembly Decompiler Use JEB to reverse engineer WebAssmebly binary modules.

•  Augmented disassembly and parsing of wasm binary modules.
• Decompilation of wasm bytecode to pseudo-C source code.
• Advanced optimization passes to thwart protected or obfuscated code.
• Interactive layer for typing/renaming/commenting/cross-referencing, etc.
• Full API access for scripting and plugins.

JEB WebAssembly plugins can also be used to decompile Smart Contracts compiled to wasm, such as EOS or Parity contracts.

Ethereum Decompliler

• Decompile EVM contract code to Solidity-like high-level code using our Ethereum decompiler.
• Annotate the analysis results to better understand what the compiled contract or dApp is doing.
• Automate or script your reverse engineering tasks via our API

PDF Document Analyzer Analyze malicious Adobe PDF files using the PDF document analyzer in the industry

• Break-down the PDF structure into a visually compelling and navigable tree.
• Deal with corrupt files, complex streams (eg, multiple encodings, etc.).
• Retrieve 20+ notifications and alerts generated by the analyzer to pin-point suspicious areas and use them to issue a determination on the file.
• Extract embedded Javascript even in the most extreme cases.
• Automate the reverse engineering process via the JEB API to perform bulk analysis.