From ESP8266-RE Wiki

Toolchains / Development Environments


The current de facto standard for low-level ESP8266 development is esp-open-sdk, which can automatically build a full development environment and toolchain, including all the GNU cross-compiling tools needed by most other utilities.


esp-open-rtos is a FreeRTOS-based development environment and application framework for ESP8266, parts of which are completely open source and produced by reverse engineering efforts. esp-open-rtos also hosts the most complete known headers for ESP8266 registers, etc. (at If you have reverse-engineered the meaning of some new registers or their bits, that's the best place to contribute them.

Disassemblers / Inspection Tools


ScratchABit is an interactive incremental disassembler with data/control flow analysis capabilities.

ScratchABit is intended to be cross-platform, and uses a simple text (vt100/xterm) interface to inspect and follow code interactively.


Xtobjdis is an ELF object file disassembler for the Xtensa ISA. It is intended primarily for disassembling object (.o) files, such as those contained in the IoT SDK libraries, fully exploiting all symbol, relocation, and compiler annotation information provided (though non-ELF binaries can be converted to work with it as well, with somewhat less information available).

Xtobjdis also provides tools for generating function call graphs from the disassembly.


radare2 is a cross-platform Unix-like reverse engineering framework with a command-line tool suite.

radare2 has recently added Xtensa support, allowing it to draw jump/branch lines next to the disassembled code.


Foogod's ESP8266-RE Tools

A collection of miscellaneous scripts/tools (mostly based on xtobjdis) which have been useful for some of the reverse engineering efforts to date.

pfalcon's RE helpers

Helper scripts for analyzing the ESP8266 SDK.