Capstone is based on LLVM, that you cannot beat in term of architectures and industrial quality, and has great plugins, which make it kind of my favorite.
Of course, for non-scripting needs, you need decent graphical interfaces, as provided by these ones:
IDA is clearly the best, but Hopper is a fair choice if you need it and you can't afford IDA license for personal use.
[Edit: add forgotten IDA and Hopper...]
If you take a look to e.g. McSema https://github.com/trailofbits/mcsema, these guys have been able to use LLVM to transform assembly back to LLVM intermediate representation (IR). The IR is an abstract language used by LLVM during compilation to optimize the generated code. Being abstract basically allows to use optimizers across all LLVM supported architectures.
In these terms, I think LLVM has a clear advantage over competitors.
The following blog post give a nice overview of the McSema achievements: http://blog.trailofbits.com/2014/06/23/a-preview-of-mcsema/
What you did with McSema was really impressive and I’m glad discussing with one of the authors! I get the point you regret using LLVM, it seemed to me to be the best choice since LLVM has wide instruction semantics implementations, that more basic tools such as Xed do not offer.
If I get it correctly… you would rather re-implement such semantic yourself? Or have you got any other tool / idea I’m not aware of?
Where is the request form?
Been using it for a while and like it allot, has a great interface for reversing and diffing win binaries. Will be keeping an eye on Panopticon, looks promising :)
Binary Ninja also supports inline editing of assembly and a custom compiler for dropping simple C replacements directly on top of existing functionality.
Honestly, do we really need another static analysis tool? Hopper and radare2 have covered the open source gap fairly well. I'd put r2 on near-power-parity of IDA if you invest the time to learn and configure it, which admittedly is an expensive proposition in labor who already knows IDA. It'll take him more days in salary to learn a new platform than just to pay the 5k and get him a IDA/HexRays license.
 U of Maryland holds the patent; information here, https://www.google.co.uk/patents/US8510723
 https://www.cs.umd.edu/class/fall2005/cmsc714/Lectures/byrd-... Though, I'm sure you've seen it already
Definitely. IDA Pro is proprietary software and the possibilities of IDAPython are limited. IDA Pro mostly ignores the last two decades of research done in the field of binary program analysis. It still relies on pattern matching compilers instead of using semantics driven methods that have been around for >10ys. While there exist tools like BAP, BitBlaze, Jackstab and Bindead. They are not really usable for people w/o graduate student level understanding of program analysis. This is where Panopticon fits in.
That said, it's usually much more complicated to change the size of the executable section (this requires modifying the headers and this tends to be a rather involved process), so usually if people are doing binary patches they are only modifying bytes, not adding or removing them.
That said, if the code is signed and there's a signature check - the check will fail if you modify the code.
If the signature is a simple crc/checksum, you could also update the checksum.
If it's a cryptographic signature, it might be a lot more difficult.
You could edit the binary manually with a hex editor, but some disassemblers like Hopper have a feature where you can type new instructions in assembly and it will assemble and insert them for you. I'm sure IDA pro has something like that as well.
 https://github.com/iphelix/ida-patcher/blob/master/idapatche... is what I have in my scripts dir, but I'm sure there are dozens of others out there. That specific Python script has the added benefit of being really approachable for the average user. Check Woodmann or Github or wherever people post their scripts these days if it doesn't meet your needs.
 IDA's basically turned into emacs, where the real power comes from all of the tooling you can conf into it. A stock 6.9 + HexRays license is worth it just for the free tooling you can find.
Hey I'm Kai Michaelis, I'm in an IT-Security Masters program in Bochum, Germany and work part-time for people who use the term Cybersecurity unironically.
A particularly interesting comment:
> Also I found iterator invalidation bugs simply by translating
> C++ to Rust, thanks Borrow Checker!
1. _SECURE_SCL on windows
2. _GLIBCXX_DEBUG on glibc based toolchains
> Assuming that tests exist, and have good coverage
That's a very big assumption. Granted my current job is often to clean up codebases that are the opposite of that, so maybe I've got a bias here.
I do not think 100% coverage on the code you write alone is enough to get to ‘all', though. For example, if your test declares a vector and calls a function that does
v.erase( i, v.end());
"Panopticon is under heavy development and its feature set still very basic. It's not yet able replace programs like radare2 and IDA Pro. We are working on it, check back regularly!"
- advanced interactivity (function boundary change, switch table options...)
- stack pointer tracking and stack recovery
- structure and enum definition, use in disassembly
- compiler and static library recognition
- an industry-standard decompilation plugin (Hex-Rays Decompiler)
- support for quick scripting using a high-level interpreter language (IDC/IDAPython)
Btw, most companies can afford an IDA license. It's pretty cheap compared to the salary of a developer, at least in the coastal US.
- Buy IDA Pro using a credit card
- Find bug or two, submit to bug bounty 
- Pay back credit using bug bounty money
"Panopticon is a disassembler that understands the semantics of opcodes. This way it's able to help the user by discovering and displaying invariants that would have to be discovered "by hand" in traditional disassemblers."
Doesn't every disassembler have to understand the opcode semantics in order to disassemble and make sense of them or am I misinterpreting that statement?
Also can anyone explain what the "invariants" are? When I hear the word I can only think of loop invariants and I'm guessing that is not what the author means here.
Making more sensible assembly that a human would write is another thing, if you want to follow jumps to figure out where instructions are and regenerate labels, then that's one step towards semantics.
I don't know what kinds of invariants panopticon is looking at, but there seems to be code for static analysis using abstract interpretation. This could do the data-flow analysis, determine types and recognize persistent variables.
Good lord what a cliche name.
This is the name that Google should have used instead :)