 |
 [download] IDA Pro User Tutorial
Posted by draconlord on 22 February 2012 - 03:29
I got an error while patching by assemble, I tried to inject JMP instead of JNZ and got error msg : cannot reach destination from current location. What went wrong?
[download] Reversing for Newbies - Complete
Posted by lena151_as_guest on 20 February 2012 - 14:32
The download is working properly for me. Just click the blue arrow to download.lena151.
[download] OllyDbg Movie Tutorial 3
Posted by moytrage on 16 February 2012 - 12:28
Dear author, can you please submit the first part? Only 2/3 are available... Thanks! :)
[download] .NET Reversing Tips - Chapter 2
Posted by gombi on 12 February 2012 - 18:54
Would be nice to see a tut on use of the pebrowse debugger.I originally supposed you use it the way you use olly but that was a big mistake. I've never been able to get it to do anything except go aro [ more ... ]
[download] Reversing for Newbies - Complete
Posted by Help on 10 February 2012 - 15:47
Can someone upload this on MediaFire?
[download] DetachMe 0.1
Posted by mr.exodia on 08 February 2012 - 13:01
Thanks a lot for the plugin, what you say about the "Debugger must be running is very annoying sometimes"+1
[download] Reversing for Newbies - Complete
Posted by balag on 06 February 2012 - 19:41
The download link gives an html file which is not opening up properly, due to some xml issues. Where are the files that you folks are talking about?
[download] Reversing for Newbies - Complete
Posted by kvostaa on 06 February 2012 - 16:56
I have one problem with OllyDbg. Every time when I select "search for all text strings" >> "search for text" and type the bad massage Olly says no item found! This is every time I try to search error [ more ... ]
[download] .NET Reverse Engineering Tutorial 1
Posted by gombie on 05 February 2012 - 12:57
Tutorial refers to "opcode manual" that shows how dotNet commands relate over to assembly commands. Where is this manual?
[download] PeSpin 1.33 JavaScript Unpacker v0.1
Posted by mr.exodia on 02 February 2012 - 14:12
WOW! This is a great plugin language... I recommend Code::Blocks to do auto-formatting so scripts are kept readable in the future.Thanks a lot for this powerful example!Mr. eXoDia
|
|
|
|
|
(OllyDbg Plugins:)
Calculator 0.1
Author: Waliedassar
Fast access to Windows Calculator from OllyDbg, just press Alt+F11.
Tested with OllyDbg v1.10 on XP SP2 and Windows 7.
Date: 22 February 2012 - 08:03
Filesize: 700.57 kb
Total Downloads: 9
(OllyDbg Plugins:)
AttachTo 0.1
Author: Waliedassar
Processes with manipulated PEB.LoaderData don't show in the OllyDbg "Select process to attach" dialogue box.
The plugin first checks for the integrity of the target process's _PEB_LDR_DATA structure. If a manipulated structure [more...]
Date: 22 February 2012 - 07:57
Filesize: 720.81 kb
Total Downloads: 10
(OllyDbg Plugins:)
ICanAttach 0.2
Author: Waliedassar
This plugin enables you to bypass anti-attach techniques e.g. Hooked DbgUiRemoteBreakin, DbgBreakPoint, and NtContinue functions.
Date: 22 February 2012 - 07:57
Filesize: 153.92 kb
Total Downloads: 219
(OllyDbg Plugins:)
MarkAllAsSystem 0.1
Author: Waliedassar
This tiny OllyDbg plugin marks all loaded DLLs as system.
This is very useful only when tracing over system DLLs in an application with large number of loaded non-system DLLs.
Date: 22 February 2012 - 07:55
Filesize: 2.7 kb
Total Downloads: 7
(OllyDbg Plugins:)
OllyVB 0.1
Author: Waliedassar
A tiny plugin that resolves the "DllFunctionCall" function calls.
Date: 22 February 2012 - 07:54
Filesize: 3.95 kb
Total Downloads: 10
(OllyDbg Plugins:)
StrongOD 0.4.6.816
Author: 海风月影
Make your OllyDbg Strong!
This plug-in provides three kinds of ways to initiate the process:
1, Normal - And the same manner as the original start, the STARTUPINFO inside unclean data
2, CreateAsUser - User with a mandate to initiate the proc [more...]
Date: 14 February 2012 - 06:12
Filesize: 289.21 kb
Total Downloads: 15367
(Unpacking Tutorials:)
PC Guard 5.07 (Unpacking)
Author: PassingThrough
A video tutorial showing a method of unpacking PC Guard 5.07 on Windows XP.
Date: 14 February 2012 - 06:05
Filesize: 5.84 mb
Total Downloads: 248
(IDA Plugins:)
VirusTotal v0.1
Author: Elias Bachaalany
A VirusTotal reporting and file submission plugin for IDA Pro. The plugin will allow you to get reports from VirusTotal based on the input file MD5 or a file of your choice. The plugin will offer to upload the file if the file was not analyzed before [more...]
Date: 14 February 2012 - 05:52
Filesize: 5.81 kb
Total Downloads: 33
(OllyDbg Plugins:)
DetachMe 0.1
Author: Waliedassar
One of the new interesting features of OllyDbg v2.0 is the "Detach" functionality, which enables you to detach debuggees from OllyDbg at anytime and let them run freely outside control of OllyDbg.
Unfortunately, OllyDbg v1.10, the widely [more...]
Date: 08 February 2012 - 06:44
Filesize: 4.51 kb
Total Downloads: 126
(OllyDbg Plugins:)
Ariadne Optimizer 0.1 (OllyDbg)
Author: Group-IB
The Ariadne framework makes it possible for anyone who is involved in reverse engineering to save a time when reversing a code or creating new products. Using Ariadne, you can read and modify executable files, disassemble them, and even decompile a p [more...]
Date: 07 February 2012 - 08:47
Filesize: 57.3 kb
Total Downloads: 195
(IDA Plugins:)
Ariadne Optimizer 0.1 (IDA)
Author: Group-IB
The Ariadne framework makes it possible for anyone who is involved in reverse engineering to save a time when reversing a code or creating new products. Using Ariadne, you can read and modify executable files, disassemble them, and even decompile a p [more...]
Date: 07 February 2012 - 08:45
Filesize: 57.3 kb
Total Downloads: 108
(Immunity Plugins:)
Ariadne Optimizer 0.1 (Immunity)
Author: Group-IB
The Ariadne framework makes it possible for anyone who is involved in reverse engineering to save a time when reversing a code or creating new products. Using Ariadne, you can read and modify executable files, disassemble them, and even decompile a p [more...]
Date: 07 February 2012 - 08:34
Filesize: 57.3 kb
Total Downloads: 35
(OllyDbg Plugins:)
ODBGPluginConv 0.1b
Author: Thunder
A utility to convert our OllyDbg plugins to use them on any modified version thereof
Features:
-Automatic plugin conversion
-Supported versions: OllyDbg, Defixed, SND, RAMODBG, diablo2oo2, Shadow, ICE, CiM.
-Advanced plugin conversion
-C [more...]
Date: 07 February 2012 - 08:31
Filesize: 408.85 kb
Total Downloads: 85
(Packers / Protectors:)
Armadillo - ECDSA Patching
Author: Mr. eXoDia
I had a lot of free time to spend and therefore I created a full tutorial about Armadillo ECDSA Public Parameter replacing. I will start from the beginning and put hardware breakpoints and stuff to show you the time-consuming process which reversing [more...]
Date: 04 February 2012 - 21:43
Filesize: 22.03 mb
Total Downloads: 185
(OllyScript - Scripts:)
Armadillo - Locate Security DLL v0.1
Author: Mr. eXoDia
A script to automatically locate the security.dll in Armadillo packed executables.
Date: 04 February 2012 - 21:34
Filesize: 892 b
Total Downloads: 78
(Cryptography Tools:)
Msieve 1.50 + GUI 1.1
Author: Jason Papadopoulos + Anogrganix
Factoring is the study (half math, half engineering, half art form) of taking big numbers and expessing them as the product of smaller numbers. If I find out 15 = 3 * 5, I've performed an integer factorization on the number 15. As the number to [more...]
Date: 04 February 2012 - 21:34
Filesize: 1.87 mb
Total Downloads: 6168
(OllyScript - Scripts:)
Armadillo 3.7x - 8.xx Unpacker (Standard + Debug-Blocker) v0.1
Author: Mr. eXoDia
Armadillo v3.7x - v8.xx Debug Blocker / Standard / Minimum unpacking script. This script unpacks almost every version of Armadillo, it also unpacks UPX if it's detected.
Date: 27 January 2012 - 22:03
Filesize: 12.84 kb
Total Downloads: 304
(Unpacking Tutorials:)
DYAMAR 1.3.6 (Unpacking)
Author: Mr. eXoDia
Dear tuts4you, I had some time and here is my new tutorial about unpacking DYAMAR Protector.
Date: 27 January 2012 - 22:01
Filesize: 16.77 mb
Total Downloads: 266
(OllyDbg Plugins:)
ODBJScript 1.1.956
Author: Zool@nder
Overview:
1) ODBJScript is a 'yet another scripting language' plugin for OllyDbg 1.10 that lets you script OllyDbg. It brings to the reverse engineering world another hopefully useful, more common and widely spread language: jacascript! [more...]
Date: 27 January 2012 - 21:57
Filesize: 989.55 kb
Total Downloads: 161
(OllyDbg JavaScripts:)
PeSpin 1.33 JavaScript Unpacker v0.1
Author: Zool@nder
This Script fix all but:
- nanomites (use spinano to fix them)
- iat alignement (use PESpin 1.33c version or UIF to fix it).
Date: 27 January 2012 - 21:55
Filesize: 6.35 kb
Total Downloads: 94
(Software Testing and Binary Static Analysis:)
Practical Low-effort Equivalence Verification of Real Code
Author: David A. Ramos, Dawson R. Engler
Verifying code equivalence is useful in many situations, such as checking: yesterdays code against today's, different implementations of the same (standardized) interface, or an optimized routine against a reference implementation. We present a [more...]
Date: 27 January 2012 - 21:54
Filesize: 187.08 kb
Total Downloads: 30
(Immunity Extra Tools & Utilities:)
PluginFix 1.01
Author: BoB
This simple tool will fix OllyDbg or old Immunity Debugger plugins to work with the new ImmDbg v1.80, where many things have changed since previous versions making plugins incompatible.
To use, simply drop one or more plugins onto the FixPlugin.EX [more...]
Date: 22 January 2012 - 06:16
Filesize: 16.01 kb
Total Downloads: 145
(OllyScript - Scripts:)
Inline Patcher & API Hooker v1.0
Author: PerTic@n
A script to assist in hooking API's and creating inline patches.
Date: 22 January 2012 - 05:06
Filesize: 24.21 kb
Total Downloads: 104
(Software Testing and Binary Static Analysis:)
A Smart Fuzzer for x86 Executables
Author: Andrea Lanzi, Lorenzo Martignoni, Mattia Monga, Roberto Paleari
The automatic identification of security-relevant flaws in binary executables is still a young but promising research area. In this paper, we describe a new approach for the identification of vulnerabilities in object code we called smart fuzzing. Wh [more...]
Date: 22 January 2012 - 05:00
Filesize: 211.64 kb
Total Downloads: 75
(Software Testing and Binary Static Analysis:)
Assembly Visualization and Analysis
Author: Jennifer Baldwin
Software engineering and programming language advances and developments have brought us further away from low-level languages like assembly and have had an impact on productivity, time to market, comprehension, maintenance and evolution of software i [more...]
Date: 22 January 2012 - 04:59
Filesize: 303.17 kb
Total Downloads: 64
(Malware / Security Analysis:)
Detection of Metamorphic and Virtualization-based Malware
Author: Matt Webster, Grant Malcolm
We present an overview of the latest developments in the detection of metamorphic and virtualization based malware using an algebraic specification of the Intel64 assembly programming language. After giving an overview of related work, we describe [more...]
Date: 22 January 2012 - 04:58
Filesize: 184.26 kb
Total Downloads: 69
(Cryptography / Algorithms:)
Lightweight Cryptographic Algorithms
Author: Jorge Nakahara Jr
In this report, we survey the latest developments, including work-in-progress, on lightweight cryptographic algorithms, such as block ciphers and cryptographic protocols aimed at resource-constrained devices such as RFID tags and sensor networks. Thi [more...]
Date: 22 January 2012 - 04:56
Filesize: 474.04 kb
Total Downloads: 49
(IDA Plugins:)
Optimice 0.14
Author: Branko Spasojevic
This plugin enables you to remove some common obfuscations and rewrite code to a new segment. Currently supported optimizations are:
Dead code removal
JMP merging
JCC opaque predicate removal
Pattern based deobfuscations
Plugin was test [more...]
Date: 22 January 2012 - 04:56
Filesize: 563.47 kb
Total Downloads: 271
(IDA Plugins:)
PBStrings 0.1
Author: P47R!CK
Meant for decoding pb's encrypted strings.
Date: 22 January 2012 - 04:54
Filesize: 3.35 kb
Total Downloads: 40
(IDA Plugins:)
SigMaker 0.1
Author: P47R!CK
Can create sigs automatically and has a wide variety of functions (might be unstable on IDA 6.2).
Date: 22 January 2012 - 04:53
Filesize: 36.77 kb
Total Downloads: 48
(C.O.R.E. Solutions:)
Solution to Mr. eXoDia KeygenMe #2
Author: TCrazyC
KeygenMe solution Mr. eXoDia's KeygenMe #2
Date: 22 January 2012 - 04:51
Filesize: 580.83 kb
Total Downloads: 67
(IDA Plugins:)
Wrapgen 0.1
Author: P47R!CK
Creates wrappers for DLL's from IDBS.
Date: 22 January 2012 - 04:49
Filesize: 66.2 kb
Total Downloads: 48
(Process Explorers / Monitors:)
API Logger 1.8
Author: Black Ninja
The program is intended for monitoring API-functions that are called by other programs and function may not be API, in other words it may lie inside exe or dll and not export at all.
Features:
* Compatible with 32bit Win2k, XP, Vista, Win7
* [more...]
Date: 08 January 2012 - 08:00
Filesize: 205.48 kb
Total Downloads: 936
(Anti-Debugging:)
The Ultimate Anti-Debugging Reference
Author: Peter Ferrie
A debugger is probably the most commonly-used tool when reverse-engineering (a disassembler tool such as the Interactive DisAssembler (IDA) being the next most common). As a result, anti-debugging tricks are probably the most common feature of code i [more...]
Date: 26 December 2011 - 12:47
Filesize: 661.79 kb
Total Downloads: 1024
(KeygenMe:)
Mr. eXoDia KeygenMe #2
Author: Mr. eXoDia
I've created a quite easy KeygenMe from which I would like you solve it :)
No packer/protector, just plain C with a not-so-fancy looking GUI..
Please send solutions to: mr.exodia.tpodt@gmail.com
Date: 26 December 2011 - 12:44
Filesize: 41.49 kb
Total Downloads: 162
(OllyDbg Plugins:)
AttachHelper 0.1
Author: Hyunseung
If the target process is packed with Themida an OllyDbg crash could occur because "DbgBreakPoint", "DbgUiRemoteBreakin" is modified. This plugin automatically restores "DbgBreakPoint", "DbgUiRemoteBreakin".
Date: 22 December 2011 - 07:39
Filesize: 47.64 kb
Total Downloads: 252
(Software Testing and Binary Static Analysis:)
Automatic Reverse Engineering of Data Structures from Binary Execution
Author: Zhiqiang Lin, Xiangyu Zhang, Dongyan Xu
With only the binary executable of a program, it is useful to discover the programs data structures and infer their syntactic and semantic definitions. Such knowledge is highly valuable in a variety of security and forensic applications. Although the [more...]
Date: 22 December 2011 - 07:38
Filesize: 333.44 kb
Total Downloads: 204
(Malware / Security Analysis:)
Hardware Involved Software Attacks
Author: Jeff Forristal
Computer security vulnerabilities involving hardware are under-represented within the security industry. With a growing number of attackers, malware, and researchers moving beyond pure software attack scenarios and into scenarios incorporating a hard [more...]
Date: 22 December 2011 - 07:36
Filesize: 1.26 mb
Total Downloads: 91
(Software Testing and Binary Static Analysis:)
Improved Memory-Access Analysis for x86 Executables
Author: Thomas Reps, Gogul Balakrishnan
Over the last seven years, we have developed static-analysis methods to recover a good approximation to the variables and dynamically allocated memory objects of a stripped executable, and to track the flow of values through them. It is relatively ea [more...]
Date: 22 December 2011 - 07:34
Filesize: 326.53 kb
Total Downloads: 118
(Unpacking Tutorials:)
RLPack 1.21 + WinLicense 2.0x (Unpacking)
Author: LCF-AT
Today I release a new manually unpack tutorial about a double protection UnpackMe. So I thought it is a good idea to create a new one and this also without to use a script. This tutorial I made is created in "Newbie Stlye" so that means tha [more...]
Date: 22 December 2011 - 07:32
Filesize: 15.32 mb
Total Downloads: 426
|
|
|
[ Tuts 4 You ]
