Cut down on reverse engineering time: use our interactive RISC-V decompilers to analyze RV32/RV64 binaries.
RISC-V plugins features:
Code object files: support RISC-V in Linux ELF, Windows PE, or headless code (e.g. firmware).
Disassembler: support for RV32/RV64, regular and compressed opcodes for the following ISA extensions: I (integer), Zifencei, Zicsr,
M (multiply), A (atomic), F (single-float), D (double-float), C (compressed). Note that RV128, RVE (embedded) and other more "exotic" extensions (mem tx, simd, vectors, etc.) are currently not supported.
Decompilation: support for RVI (decompilation of the integer/general-purpose operations) for 32-bit and 64-bit. Decompiler support for F/D extensions (floating-point instructions) is a planned addition.
Relocations: support for common ELF relocations specific to RISC-V. Common PLT resolver stubs are handled.
Calling conventions: calling conventions ILP32D and LP64D are supported. Custom calling conventions can be defined.
Type libraries: ARM or MIPS type libraries for Linux 32/64 or Windows 32/64 can be reused.
A non-exhaustive list of other JEB features shared by all native code plugins (not specific to RISC-V):
Interactive layer offered by the GUI client, allowing refactoring: renaming/commenting/cross-referencing, type definition, stackframe building, etc.
Advanced analysis to detect tail-calls, non-returning methods, switch-like idioms, etc.
Advanced decompiler optimization passes to thwart protected or obfuscated code. Power users can craft their
own IR optimizers (example)
Type libraries for efficient file analysis. JEB ships with typelibs for win32, winddk, linux glibc, android-linux, etc.
Power-users can generate their own typelibs as well (details)
Traditional signature libraries of common SDK, including all versions of Microsoft Visual Studio runtimes, the Android NDK, etc.
Codeless signature libraries for common libraries used in malicious and clean applications alike, such as openssl, libssh2, libcurl, etc.
Full API and access to the Intermediate Representations to perform advanced and/or automated code analysis in Python or Java
Safe emulation for in-place decryption of obfuscated code.
Example: Debian RISC-V 64-bit, unzip program (click to expand to a full JEB window view)
The RISC-V reverse-engineering modules ship with JEB Pro. A trial version with limitations ship with JEB Demo.