Whilst I may be a little bit late I would like to wish everyone a Happy New Year. May 2010 be the best year yet!
Just like in previous years, I ask all visitors what they like or dislike about this site and whether they have suggestions or ideas for how it can be improved. You are welcome to post your comments here or send them to me either by PM or email.
Talking of improvements, finally after a long time there is now a working ratings system for file downloads which is accessible to site visitors. If you wish to rate a particular file you can do so simply by clicking on the appropriate star...
I started to manually check and moderate all comments on Tuts 4 You about a week ago before they could be approved for viewing. I made no announcement because I did not think anyone would notice but I was wrong, some of you have and asked what was going on. So for the others out there who may be wondering this is what will be happening in future.
The reason why I want to review all comments is because I am a bit disappointed with the level of English grammar, punctuation and short form used by people these days. To be honest I think there is no need for it and I find it sloppy, untidy and just laziness by posters who choose to do this. I may be getting old but I have always found this to be my pet hate on any site on the internet where I find it.
Just to clarify, comments will not be changed or edited for any other reason. Your comments will only be edited to correct grammatical, spelling, and punctuation errors.
If anyone has any questions or queries please feel welcome to ask me...
With the weather being bad today and having some hours to kill (watching some movies) I decided to check out the new LZMA2 (64-bit) compression which will be included in the up-coming 7-ZIP v9 release. You may ask why version 9 and not 4, I think it is to reference the year it will be released. Please correct me if I am wrong :)
I also decided to compress the same files using the up-coming release of WinRAR64. It has an improved and updated compression engine to support more modern multi-core and multi-threaded CPUs, instructions and memory. It all sounds promising on paper but can this old yet updated compression algorithm really stand up against its more modern counterpart?
Today I added a lot of new unpackme formats and versions that I had been building up for a while. I intended on uploading a large majority of these to Tuts 4 You before Christmas; unfortunately, time got the better of me. However, since then I managed to keep adding to the list, 57 new formats and versions in all:
You will not see these listed in the Latest Downloads menu because I thought it better to leave some of the current listings on top. These unpackme's are however available for download if you go look for them, I added the upload dates as being 19/12/2008.
There are a couple of (old version) .NET unpackme's and some file binders in the list. I kept a couple of those file binders in the list simply for signatures so don't expect any unpacking challenges there...
An Exercise in Approaching a Target Differently Author: Ian Lyte I wanted to experiment with API hooking and Nektra Spy Studio to examine how it could help me approach a target. So I grabbed a simple crackme and tried to experiment. Date: 08 Mar : 07:54 Filesize: 583.07 kb Total Downloads: 83
(dotNET Reversing:)
Easy Way To Unpack DotNet Packed Programs Author: CodeRipper This easy tutorial will teach you how to unpack various DotNet packed files. Date: 08 Mar : 07:51 Filesize: 12.92 kb Total Downloads: 95
(Keygenning / Serial Fishing:)
Keygenning and Patching Jopas KeygenMe3 Author: qpt^J This tutorial shows how to keygen Jopas KeygenMe3. Protection includes: elgamal-256 bit, rsa-256 bit, sha-256 Date: 08 Mar : 07:48 Filesize: 674.89 kb Total Downloads: 113
(Malware Analysis:)
Mass Malware Analysis - A Do It Yourself Kit Author: Christian Wojner This paper outlines the relevant steps to build up a customizable automated malware analysis station by using only freely available components with the exception of the target OS (Windows XP) itself. Further a special focus lies in handling a huge am [more...] Date: 08 Mar : 07:45 Filesize: 836.66 kb Total Downloads: 69
(Anti-Debugging:)
Software Protection Against Reverse Engineering Tools Author: Joshua A. Benson Advances in technology have led to the use of simple to use automated debugging tools which can be extremely helpful in troubleshooting problems in code. However, a malicious attacker can use these same tools. Securely designing software and keeping [more...] Date: 08 Mar : 07:36 Filesize: 1.16 mb Total Downloads: 68
(OllyDbg Plugins:)
StrongOD 0.3.1.610 Author: 海风月影 Make your OllyDbg Strong!
This plug-in provides three kinds of ways to initiate the process:
1, Normal - And the same manner as the original start, the STARTUPINFO inside unclean data
2, CreateAsUser - User with a mandate to initiate the proc [more...] Date: 08 Mar : 06:57 Filesize: 232.57 kb Total Downloads: 5563
(Debuggers / Disassemblers:)
Delphi Decompiler 1.1.0.194 Author: BitMaker Delphi Decompiler can analyze executables compiled with Delphi 2 to 7 giving you; all DFM files of the target,
commented ASM code with references to strings, imported function calls, classes methods calls, components in the unit, Try-Except and Try- [more...] Date: 06 Mar : 09:31 Filesize: 2.74 mb Total Downloads: 291
(Unpacking Tutorials:)
PeCompact 2.xx - 3.xx (Unpacking) Author: SSlEvIN Audio and video tutorial on manual unpacking and fixing of a target packed with PE Compact version 2.00-3.00. The tutorial covers the whole process, and also has an audio track. Date: 06 Mar : 09:30 Filesize: 13.35 mb Total Downloads: 110
(IDA Scripts:)
PS3 Hypervisor Dump Script Author: Xorloser It seems someone took some initiative and made some software themselves to dump the hypervisor once they have the correct hardware and software. So for anyone who has used that and dumped their own hypervisor I present this PS3 HV Dump setup script f [more...] Date: 25 Feb : 02:58 Filesize: 6.21 kb Total Downloads: 49
(Virtual Memory / Machines:)
Creating Code Obfuscation Virtual Machines Author: Craig Smith Explanation of what a virtual machine is and how they are used. It focuses on embedded virtual machines used for code obfuscation. Specific coding examples are provided on how to write your own opcode interpreter. Code samples on how to embed your ne [more...] Date: 24 Feb : 08:25 Filesize: 157.82 mb Total Downloads: 632
(OllyScript - Scripts:)
ExeCryptor 2.4.x DeVM Author: VolX A script to restore ExeCryptor's virtualized machine instructions. Date: 24 Feb : 08:23 Filesize: 5.78 kb Total Downloads: 237
(Unpacking Tutorials:)
ExeCryptor 2.4.x (Tips and Tricks) Author: SunBeam Posting the start of a series that might be appreciated in the near-by future. EXECryptor is a good protector, but as time passes by, it gets deprecated. I included a few articles (3 so far) that discuss in depth some of its internals (mostly practic [more...] Date: 24 Feb : 08:07 Filesize: 2.4 mb Total Downloads: 312
(Unpacking Tutorials:)
ExeCryptor 2.4.x (Compressed Code) Author: SunBeam Hello, folks. Been a while since I touched EXECryptor ( exams and all that ), so I decided, after careful consideration, to shed a little insight on EXECryptor’s compressed code functionality. Many of you know that EC comes in 2 flavors when it com [more...] Date: 24 Feb : 07:57 Filesize: 2.35 mb Total Downloads: 307
(Debuggers / Disassemblers:)
PVDasm 64Bit Disassembler 1.7a Author: Bengaly The Proview (a.k.a PVDasm) Disassembler is Free, Interactive, Multi-CPU (Intel 80x86/ Chip8) that includes many features which allow the user to perform analysis on the target image file. PVDasm currently supports image files of executable files (.ex [more...] Date: 20 Feb : 01:19 Filesize: 303.59 kb Total Downloads: 120
(Debuggers / Disassemblers:)
PVDasm 32Bit Disassembler 1.7a Author: Bengaly The Proview (a.k.a PVDasm) Disassembler is Free, Interactive, Multi-CPU (Intel 80x86/ Chip8) that includes many features which allow the user to perform analysis on the target image file. PVDasm currently supports image files of executable files (.ex [more...] Date: 20 Feb : 01:19 Filesize: 278.74 kb Total Downloads: 701
Date: 17 Feb : 07:33 Filesize: 86.85 kb Total Downloads: 162
(IDA Plugins:)
PPC Altivec Plugin 1.6.6 Author: Xorloser PPC Altivec Plugin for IDA v5.6 which adds support for special instructions that are used by some PPC based devices. This was originally written by Dean Ashton and then updated by Takires. This is useful when disassembling Xbox360 and PS3 binaries in [more...] Date: 17 Feb : 05:56 Filesize: 36.94 kb Total Downloads: 70
(Keygenning / Serial Fishing:)
Serial Fishing Arthis KeygenMe A0.2 Author: Dahiphop A serial fishing tutorial for Arthis KeygenMe A0.2:
Language: Microsoft Visual Basic 5.0 / 6.0
Level: 7 - Very hard Date: 16 Feb : 07:54 Filesize: 1.77 mb Total Downloads: 420
(IDA Plugins:)
IDA Stealth 1.2.1 Author: Jan Newger IDA Stealth is a plugin which aims to hide the IDA debugger from most common anti-debugging techniques. The plugin is composed of two files, the plugin itself and a dll which is injected into the debuggee as soon as the debugger attaches to the proce [more...] Date: 16 Feb : 07:54 Filesize: 760.72 kb Total Downloads: 1131
(Java Reversing:)
Java Reversing Author: Epokh The following is a sample tutorial on Java reversing. The reader must know the architecture and Java JVM asm, however I will report some essentials during the article. Date: 09 Feb : 08:59 Filesize: 476.95 kb Total Downloads: 388
(Unpacking Tutorials:)
RLPack 1.0 - 1.21 (Unpacking) Author: LCF-AT A movie where you can see exactly how to use my script; in this movie I unpacked four different RLPack targets with different enabled protection features. Date: 09 Feb : 08:54 Filesize: 7.3 mb Total Downloads: 410
Date: 09 Feb : 08:53 Filesize: 82.76 kb Total Downloads: 134
(OllyDbg Extra Tools & Utilities:)
LoadDLL+ 0.1 Author: EvOlUtIoN A more advanced loaddll.exe that allows you to load DLL's in to different memory locations, so you can rebuild relocations in an easy way. Date: 06 Feb : 03:45 Filesize: 30.39 kb Total Downloads: 272
(Cryptography Tools:)
Msieve 1.44 + GUI 1.1 Author: Jason Papadopoulos + Anogrganix Factoring is the study (half math, half engineering, half art form) of taking big numbers and expressing them as the product of smaller numbers. If I find out 15 = 3 * 5, I've performed an integer factorization on the number 15. As the number to [more...] Date: 05 Feb : 01:37 Filesize: 1.03 mb Total Downloads: 4553
(IDA Pro Disassembler and Debugger:)
IDA Pro Disassembler 5.6 Author: Hex-Rays IDA Pro is a programmable, interactive, multi-processor disassembler combined with a local and remote debugger and augmented by a complete plugin programming environment.
IDA Pro is in many ways unique. Its interactivity allows you to improve disa [more...] Date: 04 Feb : 02:49 Filesize: 26.72 mb Total Downloads: 3188
(Debuggers / Disassemblers:)
W32Dasm 10.0 Author: Killer Note: This has been added to the database for posterity.
Software: anti-static compilation of the best tools!
List of new features:
1, custom syntax highlight colors, highlight certain keywords can use color display, Good!
2, can increase t [more...] Date: 03 Feb : 02:28 Filesize: 555.37 kb Total Downloads: 1056
(OllyScript - Editors:)
OllyScriptEditor 0.35 Author: BriteDream An editor for creating and editing scripts which can be used with the OllyScript plugin for OllyDbg. Date: 03 Feb : 02:09 Filesize: 12.38 mb Total Downloads: 3764
(OllyDbg Plugins:)
OllyTiper 2.0 Author: Vptrlx Totally remade and BUGFIXed by vptrlx.
OllyTiper is a plugin for OllyDbg v1.10, to improve OllyDbg's operation. Most of the content from the KanXue patch features the "to Ollydbg increase in operating functions useful shortcut keys," [more...] Date: 03 Feb : 02:09 Filesize: 39.52 kb Total Downloads: 733
(OllyDbg Plugins:)
Mapimp 0.7 Author: takerZ This is an open source OllyDbg plugin which will help you to import map files exported by IDA or Dede. There are many plugins using which you can perform similar actions, but mapimp:
- Recognizes debugged file segments and applies names correctly
[more...] Date: 26 Jan : 08:26 Filesize: 47.76 kb Total Downloads: 531
Date: 20 Jan : 03:46 Filesize: 1.99 kb Total Downloads: 179
(OllyDbg Plugins:)
HOlly 0.4 Build 90 Author: High6 This is my OllyDbg mod named HOlly. I will be constantly adding features as I require them or they are requested. Currently it only has a multiline assembler that needs some work but I would like some input.
So if I could get some input on the fol [more...] Date: 19 Jan : 16:15 Filesize: 64.04 kb Total Downloads: 886
Date: 19 Jan : 07:05 Filesize: 725 b Total Downloads: 112
(OllyDbg Plugins:)
AnalyzeThis+ 0.24 Author: SMK I made some improvements to AnalyzeThis mainly to analyze a memory section which originally reports "this section is not associated with any module".
....
Sometimes (especially when dealing with packers) you may need to run OllyDbg [more...] Date: 12 Jan : 07:59 Filesize: 36.85 kb Total Downloads: 760
(Debuggers / Disassemblers:)
P32Dasm 2.6 Author: Darker P32Dasm is a VB PCode Decompiler. It can generate String, Numbers, Objects, Import and Export function listing. There is also Jump calculator. For NCode events is here offset listing for setting BPX. You can generate .map files which you can import t [more...] Date: 08 Jan : 23:45 Filesize: 262.56 kb Total Downloads: 1963
(Debuggers / Disassemblers:)
Syser Kernel Debugger 1.99.1900.1191 Author: Syser Software Inc A core-level debugger with full-graphical interfaces and supports assembly debugging and source code debugging
Syser Debugger is designed for the Windows NT Family which is based on the X86 platform. Syser Debugger is a core-level debugger with fu [more...] Date: 08 Jan : 23:32 Filesize: 4.34 mb Total Downloads: 210
(Debuggers / Disassemblers:)
Syser Win32 Debugger 1.99.1900.1191 Author: Syser Software Inc A core-level debugger with full-graphical interfaces and supports assembly debugging and source code debugging
Syser Debugger is designed for the Windows NT Family which is based on the X86 platform. Syser Debugger is a core-level debugger with fu [more...] Date: 08 Jan : 23:25 Filesize: 1.55 mb Total Downloads: 165
(Binary Analysis / Editing:)
PROTECTiON iD 6.3.5 Author: CDKiLLER & TippeX Features:
- detection of every major PC ISO Game / Application protection
- currently covers 475 detections, including win32/64 exe protectors & packers, .net protectors, dongles, licenses & installers
- sector scanning CDs / DVDs for Copy Prote [more...] Date: 07 Jan : 05:06 Filesize: 498.45 kb Total Downloads: 3360
(OllyDbg Engines / Modifications:)
OllyDbg - EvO_DBG Author: EvOlUtIoN This is my version of OllyDBG. I removed all useless plugins and put my preferred ones, and also I set-up a good configuration. With it you should be able to load any protected file (Themida for example).
Sometimes you have to change some options [more...] Date: 04 Dec : 03:09 Filesize: 1.84 mb Total Downloads: 2443
(OllyDbg Engines / Modifications:)
OllyDbg 2.0.0.7 (Beta 3) Author: Oleh Yuschuk OllyDbg 2.0 is a 32-bit assembler-level analyzing Debugger with an intuitive interface. It is especially useful if source code is not available or when you experience problems with your compiler.
Requirements. Developed and tested mainly under Windo [more...] Date: 03 Dec : 07:10 Filesize: 1.08 mb Total Downloads: 6985