Ghidra vs pyinstxtractor

GitHub Stats

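Stars: Ghidra 67.7k, pyinstxtractor 4.3k
Forks: Ghidra 7.4k, pyinstxtractor 747
Issues: Ghidra 1872, pyinstxtractor 21
Updated: Ghidra today, pyinstxtractor 20d ago
License: Ghidra Apache-2.0, pyinstxtractor GPL-3.0
Language: Ghidra Java, pyinstxtractor Python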

About Ghidra

Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. It includes a full-featured suite of high-end software analysis tools for analyzing compiled code across a variety of platforms. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features. Ghidra supports a wide range of processor instruction sets and executable formats, and users can extend it through plugins and scripts written in Java or Python.

About pyinstxtractor

pyinstxtractor extracts the contents of executables created by PyInstaller, recovering the original compiled Python bytecode (.pyc files), data files, and package structure. When combined with a Python decompiler (like uncompyle6 or decompyle3), it enables full source code recovery from distributed Python applications. The tool handles various PyInstaller versions and packaging modes (onefile, onedir), extracts the Python version used for compilation, and identifies the main script entry point. It is essential for malware analysis of Python-based threats and for reverse engineering of packaged Python applications.

Platform Support

๐Ÿงlinux๐ŸŽmacos๐ŸชŸwindows
๐Ÿงlinux๐ŸŽmacos๐ŸชŸwindows

Tags

Ghidra only

reverse-engineering, decompiler, binary-analysis, nsa

pyinstxtractor only

pyinstaller, python, extraction, decompilation, malware-analysis