kernullist / windbg-decompile-ext

Public

WinDbg x64 extension that disassembles live functions and uses an LLM to produce verified pseudocode.

100% credibility

Found Apr 21, 2026 at 19 stars -- GitGems finds repos before they trend. Get early access to the next one.

AI Analysis

C++

AI Summary

A WinDbg add-on that examines functions in running programs and generates human-readable pseudocode using AI assistance.

How It Works

🔍 Discover the magic decoder

While debugging confusing software crashes, you hear about a helpful tool that reads machine code and explains it like plain English.

📥 Get the tool ready

Download the files and prepare them simply so they're set for your debugging program.

🔌 Add to your debugger

Open your Windows debugger and load this new helper with a quick command.

🤖 Link a smart reader

Connect a clever AI brain nearby or online to understand the code deeply.

🎯 Point at mystery code

Choose a function in the debugger and ask the tool to explain it.

💡 Watch it reveal secrets

Beautiful readable steps appear, turning gibberish into clear logic.

✅ Solve puzzles fast

Now you grasp the code instantly, fix bugs quicker, and feel like a detective wizard.

Sign up to see the full architecture

5 more

Star Growth

See how this repo grew from 19 to 19 stars Sign Up Free

Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose

AI-Generated Review

What is windbg-decompile-ext?

This C++ WinDbg extension (windbg extension github) loads into windbg x64 sessions (install windbg x64 from windows windbg x64 installer or windbg x64 standalone download) and decompiles live x64 functions by name or address. Run `!decomp module!Function` to get disassembly, control flow, and LLM-generated pseudocode verified against facts like stack frames and calls. Supports OpenAI endpoints or local LLMs like Ollama, with JSON output and flags like `/deep` for big functions or `/no-llm` for analyzer-only mode.

Why is it gaining traction?

Unlike pure decompilers or windbg vs x64dbg (windbg vs x64dbg reddit debates), it pipes live WinDbg memory straight to LLMs for readable pseudocode, chunking huge functions and verifying output. No need for windbg script github hacks or windbg javascript github—direct HTTP calls with timeouts and mocks. Early adopters praise quick insights over raw disassembly (windbg preview x64, windbg preview github).

Who should use this?

Windows reverse engineers debugging kernel/user dumps in WinDbg x64dbg flows, malware analysts needing fast pseudocode from live functions, or windbg workspace github tinkerers tired of manual analysis. Pairs well with windbg samples github and windbg feedback github for x64 binaries (windbg x86 vs x64 caveats apply).

Verdict

Promising niche tool at 19 stars and 1.0% credibility—solid README with build scripts (windbg github download) but immature, no tests. Grab if you're deep in windbg mcp decompile workflows; skip for production without windbg x64 download tweaks.

(187 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.

Stars

Forks

Followers

Base stars: 19 stars

Penalty: Very new repo (0d): -70%

Bonus: AI verified quality (100%)

Account age: 4,526 days

Repo age: 0 days

License: MIT

Updated: Apr 21, 2026