xortool
๐งฌ Reverse Engineering ยท Python
xortool is a Python-based cryptanalysis tool that analyzes and breaks multi-byte XOR cipher encrypted data by performing statistical analysis to determine the most probable key length and key values. It uses character frequency analysis, key length estimation through coincidence counting, and known-plaintext assumptions to recover encryption keys without brute force. CTF participants, malware analysts, and cryptography researchers use xortool to quickly defeat XOR-based obfuscation, which remains one of the most common lightweight encryption schemes found in malware, data encoding, and CTF challenges. The tool can process raw binary files, hex-encoded data, and text input, outputting recovered keys and decrypted plaintext with probability rankings for each candidate.
Tags
Details
- Category
- ๐งฌ Reverse Engineering
- Language
- Python
- Repository
- hellman/xortool
- Platforms
- ๐งlinux๐macos๐ชwindows
Links
Community Reviews
No reviews yet. Be the first to review xortool.
More in Reverse Engineering
dnSpy
C#.NET debugger, decompiler, and assembly editor. Inspect and modify .NET and Unity assemblies without source code.
ILSpy
C#Open-source .NET decompiler and assembly browser. Produces clean C# from compiled binaries with cross-platform support.
x64dbg
C++Open-source x64/x32 debugger for Windows. Full-featured binary debugger with plugin ecosystem for malware analysis and reverse engineering.
Detect It Easy
C++/QtBinary packer and compiler detection. Identifies compilers, linkers, packers, and protectors used to build PE, ELF, and Mach-O files.
angr
PythonBinary analysis framework. Symbolic execution, CFG recovery, and vulnerability discovery for compiled binaries in Python.
RetDec
C++Retargetable decompiler by Avast. Converts machine code back to C from x86, ARM, MIPS, and PowerPC binaries.