Reverse Engineering / Smartphone PenTest
by do son · Published October 31, 2020 · Last modified September 26, 2023
NFCGate NFCGate is an Android application meant to capture, analyze, or modify NFC traffic. It can be used as a researching tool to reverse engineer protocols or assess the security of protocols against traffic...
ImHex A Hex Editor for Reverse Engineers, Programmers, and people that value their eyesight when working at 3 AM. Features Featureful hex view Byte patching Patch management Copy bytes as feature Bytes Hex string...
Dr. Memory: the memory debugger Dr. Memory is a memory monitoring tool capable of identifying memory-related programming errors such as accesses of uninitialized memory, accesses to unaddressable memory (including outside of allocated heap units...
Seccomp Tools Provide powerful tools for seccomp analysis. This project is targeted to (but not limited to) analyze seccomp sandbox in CTF pwn challenges. Some features might be CTF-specific, but still useful for analyzing...
Forensics / Reverse Engineering
by do son · Published March 9, 2021 · Last modified September 19, 2023
Obfuscation Detection Automatically detect control-flow flattening and other state machines Scripts and binaries to automatically detect control-flow flattening and other state machines in binaries. Control-flow flattening is a code transformation that removes structure from a...
pwntools – CTF toolkit Pwntools is a CTF framework and exploits the development library. Written in Python, it is designed for rapid prototyping and development and intended to make exploit writing as simple as...
MC Extractor is a tool which parses Intel, AMD, VIA, and Freescale processor microcode binaries. It can be used by end-users who are looking for all relevant microcode information such as CPUID, Platform, Version,...
Canadian Furious Beaver Idea Furious Beaver is a distributed tool for capturing IRPs sent to any Windows driver. It operates in 2 parts: the “Broker” combines both a user-land agent and a self-extractable driver...
Datalog Disassembly A fast disassembler which is accurate enough for the resulting assembly code to be reassembled. The disassembler implemented using the datalog (souffle) declarative logic programming language to compile disassembly rules and heuristics. The disassembler first parses...
GTIRB The GrammaTech Intermediate Representation for Binaries (GTIRB) is a machine code analysis and rewriting data structure. It is intended to facilitate the communication of binary IR between programs performing binary disassembly, analysis, transformation,...
