pyinstxtractor
GPL-3.0๐งฌ Reverse Engineering ยท Python
pyinstxtractor extracts the contents of executables created by PyInstaller, recovering the original compiled Python bytecode (.pyc files), data files, and package structure. When combined with a Python decompiler (like uncompyle6 or decompyle3), it enables full source code recovery from distributed Python applications. The tool handles various PyInstaller versions and packaging modes (onefile, onedir), extracts the Python version used for compilation, and identifies the main script entry point. Essential for malware analysis of Python-based threats and reverse engineering of packaged Python applications.
Installation
$ git clone https://github.com/extremecoders-re/pyinstxtractor.gitUse Cases
- Extracting Python source from PyInstaller executables
- Malware analysis of Python-based threats
- Recovering resources from packaged Python apps
- Determining Python version and dependencies of compiled binaries
Tags
Details
- Category
- ๐งฌ Reverse Engineering
- Language
- Python
- Repository
- extremecoders-re/pyinstxtractor
- License
- GPL-3.0
- Platforms
- ๐งlinux๐macos๐ชwindows
Links
Community Reviews
Alternatives & Comparisons
More in Reverse Engineering
dnSpy
C#.NET debugger, decompiler, and assembly editor. Inspect and modify .NET and Unity assemblies without source code.
ILSpy
C#Open-source .NET decompiler and assembly browser. Produces clean C# from compiled binaries with cross-platform support.
x64dbg
C++Open-source x64/x32 debugger for Windows. Full-featured binary debugger with plugin ecosystem for malware analysis and reverse engineering.
Detect It Easy
C++/QtBinary packer and compiler detection. Identifies compilers, linkers, packers, and protectors used to build PE, ELF, and Mach-O files.
angr
PythonBinary analysis framework. Symbolic execution, CFG recovery, and vulnerability discovery for compiled binaries in Python.
RetDec
C++Retargetable decompiler by Avast. Converts machine code back to C from x86, ARM, MIPS, and PowerPC binaries.