mirror of
https://github.com/The-Art-of-Hacking/h4cker
synced 2024-11-26 21:00:16 +00:00
# Reverse Engineering References

## Hex Editors

## Disassemblers

## Dynamic Analysis
- Autoruns
- Process Monitor
- Process Explorer
- Process Hacker
- Noriben - Portable, Simple, Malware Analysis Sandbox
- API Monitor
- INetSim: Internet Services Simulation Suite
- FakeNet
- Volatility Framework
- Stardust
- LiME: Linux Memory Extractor
## Sandbox and Stuff

## Deobfuscation
- Balbuzard
- de4dot
- ex_pe_xor
- iheartxor
- FLOSS
- NoMoreXOR
- PackerAttacker
- unpacker
- unxor
- VirtualDeobfuscator
- XORBruteForcer
- XORSearch & XORStrings
- xortool
## Awesome Reversing
- https://github.com/fdivrp/awesome-reversing - a plethora of references of tools, practice sites, and other reverse engineering information
## Reverse Engineering Tutorials
- Assembly Programming Tutorial
- ARM Assembly Basics
- Binary Auditing Course
- Corelan Training
- Dr. Fu's Malware Analysis
- Legend of Random
- Lenas Reversing for Newbies
- Modern Binary Exploitation
- Offensive and Defensive Android Reversing
- Offensive Security
- Open Security Training
- REcon Training
- Reverse Engineering Malware 101
- RPISEC Malware Course
- TiGa's Video Tutorials
- Malware Traffic Analysis
## Other Tools

## Reverse Engineering Tools
- Interactive Disassembler (IDA Pro) - Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux, or macOS; also has a free version, IDA Free.
- WDK/WinDbg - Windows Driver Kit and WinDbg.
- OllyDbg - x86 debugger for Windows binaries that emphasizes binary code analysis.
- Radare2 - Open source, cross-platform reverse engineering framework.
- x64dbg - Open source x64/x32 debugger for Windows.
- Immunity Debugger - Powerful way to write exploits and analyze malware.
- Evan's Debugger - OllyDbg-like debugger for GNU/Linux.
- Medusa - Open source, cross-platform interactive disassembler.
- plasma - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with syntax coloring.
- peda - Python Exploit Development Assistance for GDB.
- dnSpy - Tool to reverse engineer .NET assemblies.
- binwalk - Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
- PyREBox - Python scriptable Reverse Engineering sandbox by Cisco-Talos.
- Voltron - Extensible debugger UI toolkit written in Python.
- Capstone - Lightweight multi-platform, multi-architecture disassembly framework.
- rVMI - Debugger on steroids; inspect userspace processes, kernel drivers, and preboot environments in a single tool.
- Frida - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
## Reverse Engineering CTF-like Exercises
- https://microcorruption.com/ - Given a debugger and a device, find an input that unlocks it. Solve the level with that input.
- http://reversing.kr/challenge.php - This site tests your ability at cracking and reverse code engineering.
- https://www.malwaretech.com/beginner-malware-reversing-challenges - The purpose of these challenges is to familiarize beginners with common malware techniques.
- https://crackmes.one/ - This is a simple place where you can download crackmes to improve your reverse engineering skills.
- https://challenges.re/ - Well, "challenges" is a loud word; these are rather just exercises for RE.
- https://reverse.put.as/crackmes/ - A collection of crackmes for OS X. Send them to me if you have new ones to add!
- https://join.eset.com/en/challenges - If you want to join the team that faces global cyber-threats every day, uncover the hidden puzzle in the crackme program and prove your potential.
- http://flare-on.com/ - FireEye's RE challenge.
- https://ropemporium.com/ - Learn return-oriented programming through a series of challenges designed to teach ROP techniques in isolation, with minimal reverse-engineering and bug-hunting.