Today I’ll give you an ultimate list of the best EXE decompilers. These tools will allow you to decompile EXE (executable) files to view the actual source code behind them. Decompiling a .exe file is helpful if you want to understand how the program works without having access to the original source code.
If you know the name of the programming language in which the source code of your EXE file was written then it will be very helpful. Because most of the EXE decompiler tools are language specific.
For example, EXE to C++ decompiler, EXE to Python decompiler, EXE to C decompiler, EXE to C# decompiler, EXE to Java decompiler, EXE to AU3 decompiler, EXE to MFA decompiler, etc.
In case you don’t know the language, then don’t worry. There are some decompilers that can convert the .exe file to your specified programming language source code.
To make things easier for you, I have selected the best EXE decompilers for many popular programming languages.
This ultimate list is consist of free, paid, open source, and online EXE decompilers.
Let’s look at each of them and then select the best option that can fulfill your specific requirements.
dotPeek is a free-of-charge standalone tool based on ReSharper‘s bundled decompiler. It can reliably decompile any .NET assembly into equivalent C# or IL code.
The decompiler supports multiple formats including libraries (.dll), executables (.exe), and Windows metadata files (.winmd).
dotPeek can also decompile .baml files, enabling you to reconstruct XAML UI definitions.
In addition to traditional assemblies and executables, you can have dotPeek open archives (.zip, .vsix, or .nupkg) and folders. You can also find and load NuGet packages (and their dependencies) from any online package source, or load packages listed in packages.config file in your Visual Studio project.
Decompiler reads program binaries, decompiles them, infers data types, and emits structured C source code. Designed with a pluggable architecture, it currently has:
Decompiler comes with a GUI and a command-line interface.
Telerik JustDecompile is one of the fastest decompilers for DLL files which are coded in .NET and C#. It offers an open API for everyone to create extensions. You can easily search the code once it is decompiled with JustDecompile.
The Telerik JustDecompile engine is open source. It means you can easily extend its functionality as well as leverage everyone else’s fixes and additions.
VB Decompiler is an advanced tool that can decompile programs (EXE, DLL, or OCX) written in Visual Basic 5.0/6.0 and disassemble programs based on .NET technology. As you know, programs written in Visual Basic can be compiled to interpreted p-code or to native code, and a .NET assembly is always compiled to Microsoft intermediate language (MSIL).
Decompile, understand, and fix any .NET code, even if you don’t have the source. By using .NET Reflector you can easily look inside any .NET code.
Are you a software developer? Then, you’d certainly appreciate an advanced tool, such as Visual Studio Decompiler. What if you worked for a client years ago and asks for new modifications, only you long lost the source code? Or if you’re asked to add something to an application that was developed by a freelancer who didn’t share the code? Then all you have to decompile the binary files with this utility and get access to a code that you can edit.
Download Visual Studio Decompiler if you need access to the sources of .NET applications.
unEbookWorkshop is an .EXE e-book decompiler and extractor. unEbookWorkshop can decompile any .EXE e-books that were compiled by ebook Workshop and extract all source files from the e-book! Run unEbookWorkshop, simply select an e-book that was made by e-book Workshop, press the button “Start”, select a folder for output, and in a short time you will get all source files of the ebook!
Resource Hacker™ is a resource editor for 32bit and 64bit Windows® applications. It’s both a resource compiler (for *.rc files), and a decompiler – enabling the viewing and editing of resources in executables (*.exe; *.dll; *.scr; etc) and compiled resource libraries (*.res, *.mui). While Resource Hacker™ is primarily a GUI application, it also provides many options for compiling and decompiling resources from the command line.
It is also known as a freeware resource compiler & decompiler for Windows® applications.
PyInstaller Extractor is a Python script to extract the contents of a PyInstaller generated Windows executable file. The contents of the pyz file (usually pyc files) present inside the executable are also extracted.
The header of the pyc files are automatically fixed so that a Python bytecode decompiler will recognize it. The script can run on both Python 2.x and 3.x. Pyinstaller versions 2.0, 2.1, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 4.5.1, 4.6, 4.7, 4.8, 4.9, 4.10, 5.0, 5.0.1, 5.1 are tested & supported. Probably will work with other versions too.
RetDec is a retargetable machine-code decompiler based on LLVM.
The decompiler is not limited to any particular target architecture, operating system, or executable file format:
Recover source code from crashes and convert .NET executables to C#, VB.Net, J#, Delphi.Net and managed C++.
Spices.Net Decompiler offers a productivity package for .NET software developers that is exceptional in the industry for ease of use and top-of-the-range performance.
Spices.Net Decompiler is an efficient and flexible tool, that converts .NET binaries (.EXE or .DLL) from binary format to a beautifully formatted, optimized, and commented source code, generates equivalent and recompilable code that is remarkably close to the original source code, product of well known Spices.Net products family.
.Net Decompiler is completely integrated with Spices.NET and offers tools to decompile or visually represent .Net code, helps to recover or convert .Net code to one of six supported languages: MSIL, C#, VB.NET, Delphi.NET, J#, or managed C++.
Decompiler.com offers the functionality of an EXE decompiler online.
Drag and drop your artifact into the online decompiler to view the content online or download it. .exe and .dll .NET decompilation back to the C# project. Navigate through and inspect decompiled code online without installing anything.
The PE Explorer Disassembler is designed to be easy to use compared with other disassemblers. To that end, some of the functionality found in other products has been left out in order to keep the process simple and fast. While as powerful as the more expensive, dedicated disassemblers, PE Explorer focuses on ease of use, clarity, and navigation.
The PE Explorer disassembler assumes that some manual editing of the reproduced code will be needed. To facilitate additional hand coding, however, the disassembler utilizes a qualitative algorithm designed to reconstruct the assembly language source code of target binary win32 PE files (EXE, DLL, OCX) with the highest degree of accuracy possible.
C4Decompiler is a general machine code C decompiler.
C4Decompiler is a free program that allows you to perform analysis that reveals the full details of the function’s interaction with the app. The program deduces the data types from the operations performed on them and then propagated and synchronized globally.
A general, open source, retargetable decompiler of machine code programs.
After a program has been thrown into the world in binary form, it can boomerang back as source code. The Boomerang reverse engineering framework is the first general native executable decompiler available to the public.
This project is an attempt to develop a real decompiler for machine code programs through the open source community. A decompiler takes as input an executable file and attempts to create a high-level, compilable, possibly even maintainable source file that does the same thing. It is therefore the opposite of a compiler, which takes a source file and makes an executable.
However, a general decompiler does not attempt to reverse every action of the decompiler, rather it transforms the input program repeatedly until the result is high-level source code. It therefore won’t recreate the original source file; probably nothing like it. It does not matter if the executable file has symbols or not, or was compiled from any particular language. (However, declarative languages like ML are not considered.)
The intent is to create a retargetable decompiler (i.e. one that can decompile different types of machine code files with modest effort, e.g. X86-windows, sparc-solaris, etc). It was also intended to be highly modular so that different parts of the decompiler can be replaced with experimental modules. It was intended to eventually become interactive, a la IDA Pro, because some things (not just variable names and comments, though these are obviously very important) require expert intervention. Whether the interactivity belongs in the decompiler or in a separate tool remains unclear.
REC Studio is an interactive decompiler.
It reads a Windows, Linux, Mac OS X or raw executable file, and attempts to produce a C-like representation of the code and data used to build the executable file.
It has been designed to read files produced for many different targets, and it has been compiled on several host systems.
REC Studio 4 is a complete rewrite of the original REC decompiler. It uses more powerful analysis techniques such as partial Single Static Assignment (SSA), allows loading Mac OS X files and supports 32 and 64 bit binaries.
Although still under development, it has reached a stage that makes it more useful than the old Rec Studio 2.
As mentioned, Rec Studio 4 is still under development. Most target independent features have been completed, such as:
The best-of-breed binary code analysis tool is an indispensable item in the toolbox of world-class software analysts, reverse engineers, malware analysts, and cybersecurity professionals.
IDA Pro as a disassembler is capable of creating maps of their execution to show the binary instructions that are actually executed by the processor in a symbolic representation (assembly language). Advanced techniques have been implemented into IDA Pro so that it can generate assembly language source code from machine-executable code and make this complex code more human-readable.
The debugging feature augmented IDA with the dynamic analysis. It supports multiple debugging targets and can handle remote applications. Its cross-platform debugging capability enables instant debugging, easy connection to both local and remote processes, and support for 64-bit systems and new connection possibilities.
This is a heavily updated version of the old DOS executable decompiler DCC
Note that the dcc_oo.exe program (in dcc32.zip) is a 32 bit program, so it won’t work under Windows 3.1. Also, it is a console mode program, meaning that it has to be run in the “Command Prompt” window (sometimes known as the “Dos Box”). It is not a GUI program.
Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms including Windows, macOS, and Linux. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features. Ghidra supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes. Users may also develop their own Ghidra extension components and/or scripts using Java or Python.
In support of the NSA’s Cybersecurity mission, Ghidra was built to solve scaling and teaming problems on complex SRE efforts, and to provide a customizable and extensible SRE research platform. NSA has applied Ghidra SRE capabilities to a variety of problems that involve analyzing malicious code and generating deep insights for SRE analysts who seek a better understanding of potential vulnerabilities in networks and systems.
Reko (Swedish: “decent, obliging”) is a decompiler for machine code binaries. This project is freely available under the GNU General Public License.
The project consists of front ends, a core decompiler engine, and back ends to help it achieve its goals. A command line, a Windows GUI, and an ASP.NET front end exist at the time of writing. The decompiler engine receives inputs from the front ends in the form of either individual executable files or decompiler project files. Reko project files contain additional information about a binary file, helpful to the decompilation process or for formatting the output. The decompiler engine then proceeds to analyze the input binary.
Reko has the ambition of supporting the decompilation of various processor architectures and executable file formats with minimal user intervention. For a complete list, see the supported binaries page.
Please note that many software licenses prohibit decompilation or reverse engineering of their machine code binaries. Use this decompiler only if you have legal rights to decompile the binary (for instance if the binary is your own.)
We evaluated the performance of Llama 3.1 vs GPT-4 models on over 150 benchmark datasets…
The manufacturing industry is undergoing a significant transformation with the advent of Industrial IoT Solutions.…
If you're reading this, you must have heard the buzz about ChatGPT and its incredible…
How to Use ChatGPT in Cybersecurity If you're a cybersecurity geek, you've probably heard about…
Introduction In the dynamic world of cryptocurrencies, staying informed about the latest market trends is…
The Events Calendar Widgets for Elementor has become easiest solution for managing events on WordPress…
