SWF Investigator Wiki

Adobe SWF Investigator is a cross-platform, GUI-based, comprehensive set of tools, which enables quality engineers, developers and security researchers to quickly analyze SWF files to improve the quality and security of their applications.

From a static perspective, you can disassemble ActionScript 2 (AS2) and ActionScript 3 (AS3) SWFs, view SWF tags and make binary changes to SWF files. SWF Investigator also lets you view associated information, including local shared objects (LSOs) and per site settings.

From a dynamic perspective, you can call functions within the SWF, load the SWF in various contexts, communicate via local connections and send messages to Action Message Format (AMF) endpoints.

SWF Investigator contains an extensible fuzzer for SWF applications and AMF services, so you can search for common Web application attacks. This toolset also provides a variety of utilities including encoders and decoders for SWF data, as well as a basic AS3 compiler.

The current version is 0.6.5 and it is considered to be a beta release. The compiled binaries can be downloaded from http://labs.adobe.com/technologies/swfinvestigator/

The tool includes help pages with basic details for each feature. There is also a forum for SWF Investigator located at: http://forums.adobe.com/community/labs/swfinvestigator/

To build the application, please reference the BUILDNOTES.txt file within the trunk.