Features
Built for Reverse Engineers

Every module in ERES PRO is purpose-built for binary analysis. Native performance, zero cloud dependency, HWID-locked licensing.

PE Analysis
Windows Binary Inspection
01
๐Ÿ“‹
Header Parser
Full MZ/PE header breakdown โ€” machine type, entry point, image base, timestamps, characteristics and DLL flags decoded.
02
๐Ÿ“‚
Section Table
All sections with virtual/raw addresses, sizes, permissions (R/W/X) and per-section Shannon entropy measurement.
03
๐Ÿ”—
Import & Export Tables
Proper IDT/EAT parsing via RVA resolution. Full function names, ordinals, addresses โ€” including ordinal-only imports.
04
#๏ธโƒฃ
Hashing & Imphash
MD5, SHA-1, SHA-256 of the full file. Import hash (imphash) computed for threat-intel correlation and family matching.
05
๐ŸŽญ
Packer Detection
Identifies UPX, Themida, ASPack, NsPack, MPRESS, Petite by section name patterns and high-entropy section flagging.
06
๐Ÿ”’
Security Flags
Decoded DLL characteristics โ€” ASLR, DEP/NX, CFG, SEH status, AppContainer, and more at a glance.
Disassembly
Code Analysis
07
โš™๏ธ
x86 / x64 Engine
Intel-syntax disassembly powered by Go's x86asm library. Supports 32-bit and 64-bit PE targets automatically.
08
๐ŸŽฏ
Section Targeting
Disassemble any named section or auto-select the first executable section. Set instruction count and raw offset.
09
โ˜•
JVM Bytecode
Full JVM disassembler with constant-pool resolution. Handles tableswitch, lookupswitch, wide prefix and all standard opcodes.
Java / JAR
JVM Reverse Engineering
10
๐Ÿ“ฆ
JAR Inspector
Parse MANIFEST.MF, enumerate all classes and resources. Per-class access flags, superclass, interfaces, fields and method signatures.
11
๐Ÿ”ค
Constant Pool Browser
Full constant-pool decoding โ€” Utf8, Class, MethodRef, FieldRef, NameAndType, InvokeDynamic and more resolved to readable strings.
12
๐Ÿ—‚
Method Disassembly
Disassemble any method by class path, name and descriptor. Exception table, max_stack, max_locals displayed inline.
13
๐Ÿ“…
Java Version Detection
Automatically maps class file major version to JDK release (Java 1.0 โ†’ Java 24), displayed per-class in the JAR overview.
System & Utilities
Runtime Inspection
14
๐Ÿ–ฅ
Process List
Live enumeration of all running processes with PID, name, exe path, memory RSS, thread count, PPID and username.
15
๐Ÿช
Hook Scanner
Detects LD_PRELOAD injection on Linux. Extensible architecture for inline hook detection on Windows targets.
16
๐Ÿ’ป
Hypervisor Detection
Checks CPU hypervisor flag, vendor string (KVM, VMware, Hyper-V, VirtualBox, Xen), DMI product name and core count.
17
๐Ÿง 
SSDT Viewer
Windows SSDT table with Nt* syscall names and addresses โ€” parsed from ntdll.dll exports when available on Windows.
18
๐Ÿ”
Security Traces
Scans for leftover data from IDA Pro, x64dbg, Ghidra, and ERES PRO itself โ€” useful for environment auditing.
19
๐ŸŽฎ
Game Engine Detector
Identifies Unity (Mono/IL2CPP), Unreal Engine, Godot, CryEngine, Source/Source 2 and Frostbite from binary signatures.
Export & Sandbox
Output & Execution
20
๐Ÿ’พ
Multi-Format Export
Export strings (TXT/JSON/CSV), PE report (TXT/JSON), disassembly (ASM/JSON) and raw section binary dumps.
21
๐Ÿ–
Sandbox Execution
Run targets in an isolated sandbox environment with agent-based reporting. Monitor behaviour without touching the host.
ERES PRO v0.2.0
Ready to analyze?

All plans include every feature. No upsells, no module gating.

View Pricing โ†’