CTF Support
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. CTF Support
  2. /
  3. Reverse Engineering
  4. /
  5. Decompilers
Edit page

Decompilers

Introduction

Decompilers allow you to recover source-like representations from compiled code such as .NET assemblies, Java archives, Python bytecode, or Flash objects. In CTF reverse engineering challenges, this step often exposes authentication routines, flag checks, or encryption functions hidden in compiled applications.

Quick Reference

Purpose Command / Tool
Decompile Java .class / .jar jadx-gui file.apk or java -jar JD-GUI.jar file.jar
Decompile .NET binaries ilspycmd or dnSpyEx
Decompile Python .pyc uncompyle6 file.pyc, pycdc file.pyc
Extract PyInstaller executables python pyinstxtractor.py target.exe

Tools

Tool Platform Purpose
ILSpy .NET Decompile assemblies and view C#/IL code
ilspy-vscode .NET Decompile .NET assemblies in VS Code
AvaloniaILSpy .NET Avalonia fork of ILSpy
dnSpy .NET .NET debugger and decompiler
dnSpyEx .NET Advanced .NET debugger and decompiler
dotPeek .NET .NET decompiler from JetBrains
JADX Java / Android Decompile Dex or APKs
Bytecode Viewer Java / Android Decompile Dex or APKs
JD‑GUI Java GUI viewer for .class / .jar source
uncompyle6 Python ≤ 3.8 Decompile .pyc bytecode
Decompyle++ Python ≥ 3.9 Alternative modern Python decompiler
pyinstxtractor Python EXE Decompile PyInstaller executables
pycdc Python C++ Decompiler for Python 2.x and 3.x
JPEXS Decompiler Flash Decompile .swf (ActionScript) files
AutoIt v3.2.4.9 AutoIt Scripts Analyze or decompile AutoIt-compiled executables

Tips

  • Prefer GUI tools when exploring multiple assemblies, ILSpy and JADX integrate tree views for navigation.
  • Some CTFs hide flags in string constants or hardcoded URLs visible only after decompilation.