Two weeks ago I gave a presentation at SOURCE Boston where I released a new collection of open-source tools for Adobe Flash SWF file reverse engineering. I am developing these tools, called SWFRETools, to help reverse engineers like vulnerability researchers and malware analysts that have to deal with SWF files regularly. Today I have published version 1.1.0 of the SWFRETools on GitHub for everyone to download.

As of right now, the SWFRETools package contains three different tools. The most advanced tool is called Flash Dissector. It is a Java-based GUI tool you can use to inspect the binary content of SWF files. The second tool is a Java-based command-line tool called Minimizer. This tool is useful for vulnerability researchers that have a SWF file that crashes Flash Player and now they want to get rid of all parts of the SWF file that are not related to the crash. The third tool is a primitive Python-based debugger that can be used to hook and trace the Flash Player executable.

Flash Dissector hex view showing the binary content of a SWF file

Flash Dissector code view showing ActionScript 3 code in a SWF file