Delphi Decompiler Dede -

Lets security analysts dissect suspicious Delphi binaries to trace embedded strings and calls to native Windows APIs.

: It includes a PE editor, an RVA (Relative Virtual Address) converter, and a DOI (Delphi Offset Info) builder to assist in low-level binary analysis. Core Limitations

For modern Delphi reverse engineering, or Ghidra + Delphi helper scripts are recommended over DeDe. delphi decompiler dede

IDR does not produce Pascal source either, but its information extraction is more accurate and robust than DeDe’s, and the project benefits from ongoing community contributions.

If the executable was processed using modern protectors or packers (like Themida, ASPack, or UPX), DeDe will fail to read the structures until the binary is manually unpacked in memory. How to Use DeDe: A Step-by-Step Workflow Lets security analysts dissect suspicious Delphi binaries to

: DeDe automatically identifies strings, object names, and calls to the VCL (Visual Component Library).

This public link is valid for 7 days and shares a thread, including any personal information you added. This link or copies made by others cannot be deleted. If you share with third parties, their policies apply. Can’t copy the link right now. Try again later. IDR does not produce Pascal source either, but

When a Delphi application is compiled, it embeds the Visual Component Library (VCL) directly into the binary. The compiler creates extensive metadata for the Runtime Type Information (RTTI) system. This system allows the application to query the data types of objects at runtime, facilitating Delphi’s rapid application development (RAD) environment.

DeDe has not been maintained for nearly two decades. There is no official website, no bug tracker, and no developer supporting it. Users rely on community archives and reverse‑engineered modifications. This means any issues—whether with a particular binary or with modern operating systems—are unlikely to be fixed.