mirror of
https://github.com/The-Art-of-Hacking/h4cker
synced 2024-11-25 12:20:18 +00:00
5.7 KiB
# Reverse Engineering References

## Hex Editors

## Disassemblers

## Dynamic Analysis
- Autoruns
- Process Monitor
- Process Explorer
- Process Hacker
- Noriben - Portable, Simple, Malware Analysis Sandbox
- API Monitor
- INetSim: Internet Services Simulation Suite
- FakeNet
- Volatility Framework
- Stardust
- LiME: Linux Memory Extractor
## Sandbox and Stuff

## Deobfuscation
- Balbuzard
- de4dot
- ex_pe_xor
- iheartxor
- FLOSS
- NoMoreXOR
- PackerAttacker
- unpacker
- unxor
- VirtualDeobfuscator
- XORBruteForcer
- XORSearch & XORStrings
- xortool
## Awesome Reversing
- https://github.com/fdivrp/awesome-reversing - a plethora of references of tools, practice sites, and other reverse engineering information
## Reverse Engineering Tutorials
- Assembly Programming Tutorial
- ARM Assembly Basics
- Binary Auditing Course
- Corelan Training
- Dr. Fu's Malware Analysis
- Legend of Random
- Lena's Reversing for Newbies
- Modern Binary Exploitation
- Offensive and Defensive Android Reversing
- Offensive Security
- Open Security Training
- REcon Training
- Reverse Engineering Malware 101
- RPISEC Malware Course
- TiGa's Video Tutorials
- Malware Traffic Analysis
## Other Tools

## Reverse Engineering Tools
- Interactive Disassembler (IDA Pro) - Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux, or macOS; also has a free version, IDA Free.
- WDK/WinDbg - Windows Driver Kit and WinDbg.
- OllyDbg - x86 debugger for Windows binaries that emphasizes binary code analysis.
- Radare2 - Open source, cross-platform reverse engineering framework.
- x64dbg - Open source x64/x32 debugger for Windows.
- Immunity Debugger - Powerful way to write exploits and analyze malware.
- Evan's Debugger - OllyDbg-like debugger for GNU/Linux.
- Medusa - Open source, cross-platform interactive disassembler.
- plasma - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax.
- peda - Python Exploit Development Assistance for GDB.
- dnSpy - Tool to reverse engineer .NET assemblies.
- binwalk - Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
- PyREBox - Python scriptable Reverse Engineering sandbox by Cisco-Talos.
- Voltron - Extensible debugger UI toolkit written in Python.
- Capstone - Lightweight multi-platform, multi-architecture disassembly framework.
- rVMI - Debugger on steroids; inspect userspace processes, kernel drivers, and preboot environments in a single tool.
- Frida - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.