SIETCH

Replace the irreplaceable

Sietch observes how a compiled executable behaves and reconstructs its source from that behavior alone — no disassembly, no decompilation. Recovering what was lost, replacing what once seemed permanent.

Try the demo → View formats

Executable Input

00007f 45 4c 46 02 01 01 00.ELF....
000800 00 00 00 00 00 00 00........
001002 00 3e 00 01 00 00 00..>.....
001840 10 40 00 00 00 00 00@.@.....
002040 00 00 00 00 00 00 00@.......
0028d8 3f 00 00 00 00 00 00.?......
… 84,231 bytes remaining

LLM

Observe

Source Output

pub fn reconstruct(
  bin: &Executable,
  ctx: &LLMContext,
) -> SourceModule {
  let trace = bin.observe_behavior();
  let model = ctx.infer(trace);
  ctx.synthesize(model)
}

Scroll ↓

01 / Supported Formats

Three executable formats in. One source language out.

ELFUNIX

Executables, shared objects, and core dumps from the entire Linux ecosystem.

PE32+WINDOWS

PE/COFF executables, DLLs, and kernel drivers, including stripped release builds.

Mach-OAPPLE

Universal and single-arch macOS / iOS executables across x86-64 and Apple silicon.

WASMCOMING SOON

WebAssembly modules from the browser, edge runtimes, and serverless functions.

GUIsCOMING SOON

Reconstructing interface layouts and component trees straight from rendered application UIs.

02 / Get Your Source

Upload an executable. Get the source back.

Drop in a compiled executable and your email. Sietch observes its behavior, reconstructs readable, recompilable source, and sends it straight to your inbox.

sietch — reconstruct

Drop an executable here

or click to browse — ELF, PE32+, Mach-O…

Your email

▶ Reconstruct the source

Private by default

· Processed in an isolated sandbox
· Never used for training
· Deleted within 30 days or on request
· Only upload binaries you own or are authorized to analyze

Accepts ELF · PE32+ · Mach-O, up to 8 MB.

Benchmark · ProgramBench (PB) ↗

93%

Functional-equivalence success reconstructing source on easy & medium PB targets.

Measured without source access, disassembly, or internet.

Easy99%

Medium88%

HardIN TESTING

How we measured this →

· Evaluated on the easy & medium ProgramBench split — binary in, source out.
· No source access. No decompilation. No internet.
· Pass = every behavioral test for that target passes against the reconstruction.
· Full methodology & per-target results available under diligence.

ProgramBench · 200 programs · 248,000+ behavioral tests · pass = candidate matches the original program's behavior

Nothing stays
compiled forever.

Run your first reconstruction in the browser, or talk to us about early access for your team.

Try the demo → Supported formats

SIETCH

Three executable formats in. One source language out.

Upload an executable. Get the source back.

Nothing stayscompiled forever.

We're on it.

Nothing stays
compiled forever.