DIOTA is a just-in-time instrumentation tool for Intel binaries. It allows you to create a dynamically loadable library that can be attached to a program running under Linux. DIOTA can instrument all memory operations in the application and the libraries it uses (e.g., to check for faulty memory accesses), instrument calls to dynamically linked procedures (malloc, printf, etc.), detect the code executed during a particular run, and more.
joeq is a Java 2 (JDK 1.3 and 1.4) compatible virtual machine. It is unique in that it is entirely implemented in Java, leading to greater reliability, portability, maintainability, and efficiency. It is also language-independent, so code from any supported language can be seamlessly compiled, linked, and executed dynamically.
The GCC XML Tree Node Introspector project consists of a patch to the gcc compiler to output the internal compiler tree nodes in RDF/XML and programs to process that RDF/XML. The tree nodes are complex data structures which represent the source code inside the compiler. Through these tree nodes, users are able to extract information from their programs that would be otherwise very difficult to obtain. Modules exist to store these nodes in Redland RDF using a Berkeley database. The long-term goal of the project is to create a high-level API that will make the programmatic manipulation of programs easier than it is now.
Chump is a table-driven assembler and disassembler with a very fast new architecture input format. Both the assembler and disassembler are created using a single description. It comes with descriptions for ARM, MIPS, Stump, and 6809. It is intended for use as a library compiled with other programs to allow line assembly and disassembly.
The Examiner is a tool to analyze foreign binary executables. Its goal is to provide a commented, disassembled version of the code without running the program. It analyzes possibly hostile executables that an intruder may have placed on a system. It was designed for forensic purposes but could be used for basic reverse-engineering goals as well.
Fenris is a multipurpose tracer, debugger, and code analysis tool that can detect and document high-level language constructs, recover symbols, graph program execution flow, detect internal functions, recover symbol tables, and deal with anti-debugging protection. It features a command-line interface as well as a SoftICE-like GUI and Web frontend.
The Obcode (obfuscated code) library allows the programmer to perform arithmetic (e.g. data encryption and serial code generation) over abstract, parameterizable, and obfuscated data types using special high-level operators. The resulting low-level binary code doesn't reveal any real data directly and is, if not very difficult, then at least very boring to reverse engineer and trace.