Category: Reverse Engineering
The Witchcraft Compiler Collection Purpose WCC is a collection of compilation tools to perform binary black magic on the GNU/Linux and other POSIX platforms. Install Requirement # Required for add-apt-repository...
PowerShellArsenal is a PowerShell module used to aid a reverse engineer. The module can be used to disassemble managed and unmanaged code, perform .NET malware analysis, analyze/scrape memory, parse file...
“Pop Nedry” x86-64 Payload Why pop calc, when you can pop Nedry!? This repository contains an x86-64 payload that recreates the Jurassic Park scene in which Dennis Nedry locks Ray...
IDA Batch Decompile is a plugin for Hex-Rays’ IDA Pro that adds the ability to batch decompile multiple files and their imports with additional annotations (xref, stack var size) to...
TeamViewer Permissions Hook v1 A proof-of-concept injectable C++ DLL that uses naked inline hooking and direct memory modification to change TeamViewer permissions. Features As the Server – Enables extra...
IDA EA – A set of exploitation/reversing aids for IDA Features Context Viewer New context viewer for IDA, Features include: Recursive pointer dereference History browser Color-coded memory Instruction rewind feature A...
Table of Contents Introduction The Basics Getting Information Modes of Operation Navigation Visual Navigation Debugging Visual Debugging Editing Visual Graphs Project Management Configuration Tutorials Simple Patch Memory Manipulation ESIL Simple...
HoloDec The goal of HoloDec is to write an open source decompiler for x86/x86-64 binaries. For starters, only ELF binaries with x86-64 will be supported, but the process is going...
peda PEDA – Python Exploit Development Assistance for GDB Key Features: Enhance the display of gdb: colorize and display disassembly codes, registers, memory information during debugging. Add commands to support...
Passionfruit Simple iOS app blackbox assessment tool. Powered by frida.re and vuejs. Features Fully web-based GUI! Only supports jailbroken devices now. A non-jailbroken solution is on the way. List all URL schemes. Screenshot....
MARA_Framework MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering and analysis tools, to assist in...
fido Teaching an old shellcode new tricks Give fido.py an x86 (32-bit or 64-bit) Windows shellcode and it will strip off Stephen Fewer’s hash API stub and replace...
Introduction By Chris Le Roy (@brompwnie) chris@sensepost.com Rattler is a tool that automates the identification of DLLs which can be used for DLL preloading attacks. More information can be found in...
X86 Shellcode Obfuscator This is a WIP tool that performs shellcode obfuscation in the x86 instruction set. If you want to learn more, check out my blog where I explain how it works:...
shadow :: De Mysteriis Dom jemalloc shadow is a jemalloc heap exploitation framework. It has been designed to be agnostic of the target application that uses jemalloc as its heap allocator...