RESX

Windows Binary Analysis & RE Toolkit

RESX is a Windows binary analysis toolkit for terminal-first reversing, symbol-backed inspection, targeted disassembly, pseudo-C reconstruction, CFG recovery, triage, and PE inspection.

Documentation

• CLI documentation
• Analysis surfaces
• JSON schemas
• VS Code extension documentation

Screenshots

VS Code Binary Viewer

Command Palette Workflows

Install The VS Code Extension

See the full guide in docs/vscode-extension.md.

Typical flow:

cd resx-vscode
npm install
npm run compile
npm run package

Install the generated .vsix from VS Code with Extensions: Install from VSIX....

Use The CLI

See the full guide in docs/cli.md.

Build:

cargo build --release

Common commands:

resx dump <dll> <function>
resx cfg <dll> <function>
resx reconstruct-cfg <dll>
resx intelli <dll> [function]
resx peinfo <dll>
resx locate <name>
resx locate-sym <name>
resx scan <path>
resx syms <dll>

Newer analysis surfaces include PDB/export-backed function discovery, recursive startup CFG reconstruction, x64 unwind and exception-handler edges, typed pseudo-C reconstruction, indirect-control-flow annotations, Win32K GUI syscall tracing, scan-driven fuzz target ranking, and versioned JSON output for automation.