What is Relyze?
Relyze Desktop lets you reverse engineer, decompile along with diff x86, x64, ARM32, and ARM64 Computer Software.
Load PE and ELF binaries
Navigate a binaries arrangement and discover how it's composed. Picture the information and enhance the analysis together with symbols.
Decompile low-level native code to some top-level pseudo-code, helping you quickly understand program behavior.
Alter and annotate the investigation as possible work. Explore the connections between data and code using interactive control stream, call, and benchmark charts.
Perform a differential evaluation contrary to two binaries and explore their similarities and differences.
Relyze Desktop uses a slick modern interface using a level UI design ethos to bring the evaluation into center stage.
A wealthy Ruby plugin frame enables you to enlarge Relyze Desktop's capacities along with your own plugins.
Relyze Great Attributes:
Examine and research PE and ELF binaries
Relyze Desktop has extensive coverage for Portable Executable (PE) and Executable and Linking Format (ELF) binaries, permitting you to comprehend a binaries article and leverage that rich meta information for evaluation. Symbol formats like PDB, embedded COFF, STAB, TDS, and MAP files may also be loaded to enhance the disassembly and investigation further. Item files and item archives are also encouraged. Supported architectures include x86, x64, ARM32 (ARMv7 including Thumb mode), and ARM64 (AArch64).
Utilize the research outline to get fast insight into a binary. Display information about the document, its affiliated hashes, embed document info, accessible safety mitigations, analysis data, entropy charts, and other embedded safety certifications.
Visualize the information
Utilize the entropy chart to spot packaged or encrypted information along with other anomalies. The entropy chart overlays corresponding file segments and can be interactive to navigate in the arrangement or code viewpoints to discover more.
Research the construction
Drill down to some documents structure to determine precisely how it's composed. Learn more about the design further together with the hex editor, decoding, and hunting for information on the fly. You might also leverage custom decoders to control parts of information.
Examine x86, x64, ARM32, and ARM64 code
Relyze Desktop enables you to disassemble and examine x86, x64, ARM32, and ARM64 code and includes support for the most recent instruction set extensions. The plugin framework displays full accessibility to this disassembler so that you can script it as you want.
Our decompiler enables you to quickly comprehend a program's behavior by emitting a top level pseudo-code for a purpose. The decompiler is totally interactive, allowing you to rename and retype factors, browse variable testimonials, and much more.
Interactive Binary Diffing
Perform a differential evaluation contrary to two binaries and detect their similarities and differences. Learn what works are altered, added, or removed. Fantastic for patch evaluation when verifying safety fixes or if assessing malware versions.
Pseudocode Binary Diffing
Leverage the decompiler and carry out pseudo-code diffing to comprehend code alterations via a comfortable diffing interface rapidly.
Relyze Desktop can do concurrent analysis and use all available processor cores, letting you float through big binaries and complete the investigation as quickly as possible.
Edit the code
With an integrated assembler for each supporting structure, it is possible to edit an education on the fly and then place the binary. The study will reprocess the altered instructions to upgrade the analysis. The plugin framework displays full accessibility to this assembler, so it's possible to script it as you want.
Implements control flow charts
Relyze Desktop visualizes interactive control flow charts, lets you navigate roles code avenues, and socializes with local factors, directions, and other attributes.
Navigate Call Graphs
Create and explore interactive telephone graphs utilizing multiple chart layout algorithms. Our DirectX established hardware-accelerated chart rendering engine lets you explore big complicated maps with a buttery smooth interface.
The automated analysis explains functions, their parameters, and other meta information like calling conventions. A process's local variables are automatically analyzed and displayed from the purposes control flow chart so that you can interact together, finding references to sailors, upgrading their information types, and much more.
Watch All of the code paths.
Get the whole control flow graph for a function with an automatic jump table and exception handler evaluation. Discover code paths that would otherwise be observable.
Resolve indirect calls
When a potential diagnosis can solve indirect telephone aims to provide you with the complete image of a works logic.
Instantly look for and identify fascinating areas of the investigation or navigate through everything. Things like sections, imports, exports, purposes, strings, strings, logo lines and hunt results are merged in a unified place for simple traversal.
Data type evaluation
Automated analysis finds information and explains suitable data types either via investigation or through symbols when accessible. Identify primitive forms, strings, complex structures and much more.
Static Library Diagnosis
Carefully identify commonly linked in static library code, for example compiler runtimes, through static library investigation. Identified static library works have been renamed to their original purposes titles, speeding up your capacity to examine the code.
Create and handle custom information types
Handle the available data types and make new forms by defining them using C/C++ declarations. You could even import C/C++ header files to get into the information types defined inside them. Export the accessible data types as C/C++ headers for interoperability with your tools.
Discover the connections between data and code using interactive benchmark charts. You can create reference charts either to specific goals or originating from particular targets. Socialize with these benchmark charts and browse the code and information you find.
Use chart path highlighting to find all of the ways between any two nodes in a chart. Identify the shortest route to an intriguing code cube, or all possible directions to your information in a reference chart.
Custom address manners
Display and browse code based on relative virtual addresses or virtual addresses. Immediately re-base a binary into a new digital base speech, great once you're using Relyze Desktop along with your debugger and need to take care of address space layout randomization (ASLR).
Expand with plugins
Leverage a wealthy Ruby plugin framework to enlarge Relyze Desktop with new capacities and execute tailored evaluation or study contrary to a binary. An incorporated plugin editor lets you quickly test your thoughts and what runs as expected directly from the box, no extra setup or third-party libraries needed.
Utilize the integrated library supervisor to record every file you examine so you're able to develop a corpus as time passes. Employ your archives with tags and descriptions to readily find and categorize them.
Automated batch evaluation
Process considerable quantities of documents through built in batch evaluation. Batch investigation runs parallel to blaze through numerous papers quickly, automatically label and archive to your own library or operate customized plugins.
Use the GUI's multi-purpose layout to browse between modules to get a fluid analysis encounter. Double-clicking on a import from 1 module can navigate you to the corresponding export in a different version.
Custom GUI topics
The GUI is completely themeable to provide you the very best viewing experience.
The GUI has full Unicode support, letting you use Unicode characters in all function and variable names in addition to remarks and any other person editable parts of the analysis.
Command Line service
Run plugins and examine binaries on the command line, letting you integrate with your current tool chains or construct new work streams.