SWFTOOLS

 

SWFTools is a collection of utilities for working with Adobe Flash files (SWF files). The tool collection includes programs for reading SWF files, combining them, and creating them from other content (like images, sound files, videos or sourcecode). SWFTools is released under the GPL. 

SWF INVESTIGATOR

 

Adobe® SWF Investigator is the only comprehensive, cross-platform, GUI-based set of tools that enables quality engineers, developers and security researchers to quickly analyze SWF files to improve the quality and security of their applications. With SWF Investigator, you can perform both static and dynamic analysis of SWF applications with just one toolset. SWF Investigator lets you quickly inspect every aspect of a SWF file from viewing the individual bits all the way through to dynamically interacting with a running SWF.

SWF DECOMPILER

 

Leading Flash decompiler & Flash to HTML5 converter for you to convert SWF to HTML5/ FLA/ FLEX; Easily extract almost all SWF resources; Make simple SWF modification by editing the shape elements or replacing image/ text/ sound elements. Getting XFL from Flash CS5 SWF is also enabled. Compatible with Windows 8 now.

SWFRETOOLS

 

The SWFRETools are a collection of tools built for vulnerability analysis of the Adobe Flash player and for malware analysis of malicious SWF files. The tools are partly written in Java and partly in Python and are licensed under the GPL 2.0 license.

The following tools are part of the SWFRETools:

 

  • Flash Dissector: Binary viewer for SWF files

  • SWF Parser: Build your own tools using this parser

  • Minimizer: Automatically minimize crashing SWF files

  • FP Debugger: Trace the Flash Player dynamically

  • StatsGenerator: Generate stats over SWF files

FLASM

 

Flasm disassembles your entire SWF including all the timelines and events. Looking at disassembly, you learn how the Flash compiler works, which improves your ActionScript skills. You can also do some optimizations on the disassembled code by hand or adjust the code as you wish. Flasm then applies your changes to the original SWF, replacing original actions.

It's also possible to embed Flasm actions in your ActionScript, making optimizing of large projects more comfortable.

 

Flasm is not a decompiler. What you get is the human readable representation of SWF bytecodes, not ActionScript source. If you're looking for a decompiler, Flare may suit your needs. However, Flare can't alter the SWF.

FLARE

 

Flare processes an SWF and extracts all scripts from it. The output is written to a single text file. Only ActionScript is extracted, no text or images. Flare is freeware. Windows, Mac OS X and Linux versions are available.

 

The main purpose of decompiler is to help you recover your own lost source code. However, there are other uses, like finding out how a component works, or trying to understand poorly documented interface. Depending on where you live, some of them may be forbidden by law. It's your responsibility to make sure you don't break the law using Flare.

 

If you develop Flash applications for living, you probably know that your code is not secure in SWF. It's not the existence of decompiler that makes your code insecure though, it's design of SWF format. Although no ActionScipt is stored there, most of it can be recovered from bytecodes.

XXXSWF

 

xxxswf.py is a Python script for carving, scanning, compressing, decompressing and analyzing Flash SWF files. The script can be used on an individual SWF, single SWF or multiple SWFs embedded in a file stream or all files in a directory. The tool could be useful for system administrators, incident response, exploit analyst, malware analyst or web developers. 

 
 
 
 
 
 
 

Subscribe for Updates

Congrats! You’re subscribed