PinMe! 0.6
I wanted to be able to view and access all windows from the click of the tray icon and be able to set their window state to either TopMost (pinned) or NoTopMost (normal) quickly and in a discreet...
View ArticleMultiline Ultimate Assembler 2.3.1 (2)
Multiline Ultimate Assembler (formerly MUltimate Assembler) is a multiline (and ultimate) assembler (and disassembler) plugin for OllyDbg. It's a perfect tool for modifying and extending a compiled...
View ArticleImprimer La Selection 28.12.2014
This plugin allows you to print the selected text using CTRL+I
View ArticleFastPad Plugin 19.01.2015
Allows you to take notes without the window encroaching on the program being debugged.
View ArticleIDA Pro Disassembler 6.8.15.413 (Windows, Linux, Mac)
IDA Pro is a programmable, interactive, multi-processor disassembler combined with a local and remote debugger and augmented by a complete plugin programming environment.IDA Pro is in many ways unique....
View Articlex64_dbg 0.24
This is a x32/x64 debugger that is currently in active development.The debugger has (currently) three parts:- DBG- GUI- BridgeDBG is the debugging part of the debugger. It handles debugging (using...
View ArticleArkDasm 1.0.0
ArkDasm is a 64-bit interactive disassembler. Supported file types: PE64, raw binary files.Main features:- parsing PE32+ imports, exports, resources- subroutine stack data (arguments, local variables)...
View ArticleVerifying Curve25519 Software
This paper presents results on formal verification of high-speed cryptographic software. We consider speed-record-setting hand-optimized assembly software for Curve25519 elliptic-curve key exchange...
View ArticleKeygenning Using the Z3 SMT Solver
Quoting Wikipedia, In computer science and mathematical logic, the satisfiability modulo theories (SMT) problem is a decision problem for logical formulas with respect to combinations of background...
View ArticleDyamar Protector 1.3x Unpacker
Recently I get over a nice easy keygenme protected with this protector and I feel the need to automate the unpacking process.Was a fun journey because the protector insert a unique stub almost every...
View ArticleDeep Packer Inspection - A Longitudinal Study of the Complexity of Run-Time...
Run-time packers are often used by malware-writers to obfuscate their code and hinder static analysis. The packer problem has been widely studied, and several solutions have been proposed in order to...
View ArticleBehavioral Analysis of Obfuscated Code
Classically, the procedure for reverse engineering binary code is to use a disassembler and to manually reconstruct the logic of the original program. Unfortunately, this is not always practical as...
View ArticleiOS App Reverse Engineering
Software reverse engineering refers to the process of deducing the implementation and design details of a program or a system by analyzing the functions, structures or behaviors of it. When we are very...
View ArticleKeygenning Phoenix-Dev Shrink
This tutorial is for the experienced reverse engineer and not a beginners help. I'm not going deep into everything, but you should be able to follow my ideas. It took me some time to understand how...
View ArticleMass Surveillance
This document identifies the risks of data breaches for users of publicly available Internet services such as email, social networks and cloud computing, and the possible impacts for them and the...
View ArticleReassembleable Disassembling
Reverse engineering has many important applications in computer security, one of which is retrofitting software for safety and security hardening when source code is not available. By surveying...
View ArticleThe Memory Sinkhole
In x86, beyond ring 0 lie the more privileged realms of execution, where code is invisible to AV, we have unfettered access to hardware, and can trivially preempt and modify the OS. The architecture...
View ArticleTranslingual Obfuscation
Program obfuscation is an important software protection technique that prevents attackers from revealing the programming logic and design of the software. We introduce translingual obfuscation, a new...
View ArticleSymbolic Execution of Obfuscated Code
Symbolic and concolic execution find important applications in a number of security-related program analyses, including analysis of malicious code. However, malicious code tend to very often be...
View ArticleReversing An Obfuscated Java Malware
Some time in the recent past, I stumbled upon a news on The Intercept, about a malware being used against some Argentine prosecutor, who was found dead under uncanny circumstances (Fig. 1 & 2)....
View ArticlePreventing Reverse Engineering of Native and Managed Programs
One of the important aspects of protecting software from attack, theft of algorithms, or illegal software use is eliminating the possibility of performing reverse engineering. One common method used to...
View ArticleOffensive Techniques in Binary Analysis
Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-level, semantically rich information about data structures and control constructs makes the analysis of...
View ArticleObfuscation Code Localization Based on CFG Generation of Malware
This paper presents a tool BE-PUM (Binary Emulator for PUshdown Model generation), which generates a precise control flow graph (CFG), under presence of typical obfuscation techniques of malware, e.g.,...
View ArticleLooking Inside the (Drop) Box
Dropbox is a cloud based file storage service used by more than 100 million users. In spite of its widespread popularity, we believe that Dropbox as a platform hasn’t been analyzed extensively enough...
View ArticleGPU-Disasm - A GPU-based x86 Disassembler
Static binary code analysis and reverse engineering are crucial operations for malware analysis, binary-level software protections, debugging, and patching, among many other tasks. Faster binary code...
View ArticleFactoring RSA Keys With TLS Perfect Forward Secrecy
This report describes the successful factorization of RSA moduli, by connecting to faulty TLS servers which enable forward secrecy and which use an insufficiently hardened RSA-CRT implementation. The...
View ArticleDe-anonymizing Programmers via Code Stylometry
Source code authorship attribution is a significant privacy threat to anonymous code contributors. However, it may also enable attribution of successful attacks from code left behind on an infected...
View ArticleControl Flow Graph Based Multiclass Malware Detection Using Bi-normal Separation
Control flow graphs (CFG) and OpCodes extracted from disassembled executable files are widely used for malware detection. Most of the research in static analysis is focused on binary class malware...
View ArticleContext-Sensitive Analysis of Obfuscated x86 Executables
A method for context-sensitive analysis of binaries that may have obfuscated procedure call and return operations is presented. Such binaries may use operators to directly manipulate stack instead of...
View ArticleCharacterizing Loops in Android Applications
When performing program analysis, loops are one of the most important aspects that needs to be taken into account. In the past, many approaches have been proposed to analyze loops to perform different...
View ArticleA Proposal For a Stateless Laptop
Modern Intel x86-based endpoint systems, such as laptops, are plagued by a number of security-related problems. Additionally, with the recent introduction of Intel Management Engine (ME)...
View ArticleA Practical Cryptanalysis of the Telegram Messaging Protocol
The number one rule for cryptography is never create your own crypto. Instant messaging application Telegram has disregarded this rule and decided to create an original message encryption protocol. In...
View ArticleRCE Messageboard's Regroupment (2008 - 2016)
RCE Messageboard's Regroupment, "serious reversing, cracking and programming discussions."Discussion board content archived between 2008 and 2016. Previously hosted at: http://www.woodmann.com/
View ArticleThe Immortal Descendants (1997 - 2001)
The Immortal Descendants started out as members of an IRC group on irc.prodigy.net called "Deadmen.Society" way back in 1995. As we gained skills, we realized that there were better, and more...
View ArticleFravias Second Period: Web Searching ("Search Lores") (2000 - 2009)
I have opened my www.searchlores.org, in Oz, in February 2000. Searchlores seems fairly popular: I receive on my main site alone an average of (around) a million hits per month, without counting the...
View ArticleFravias First Period: Reverse Engineering ("Reality Cracking") (1995 - 1999)
My reader, this labyrinth of pages (you'll never be able to count them all :-) contains many teachings, and will help you gain knowledge that you will not find elsewhere. Please wander slowly inside:...
View ArticleCrackmes.de (2011 - 2015)
Crackmes.de, a site for testing reversing skills. Crackmes range from "Very Easy" to "Very Hard" for many operating systems.Archive contains a 2011 release from Malware Ninja... Well after the...
View ArticlePECOFF Revision 11.0
This specification describes the structure of executable (image) files and object files under the Windows family of operating systems. These files are referred to as Portable Executable (PE) and Common...
View ArticleObsidium 1.5.x.x (Unpacking)
A quick unpacking tutorial covering Obsidium 1.5.x.x builds. Example unpackme file of Obsidium 1.5.2 Build 11 included.
View Article