Category: Reverse Engineering
CERT Kaiju Binary Analysis Framework for GHIDRA CERT Kaiju is a collection of binary analysis tools for Ghidra. This is a Ghidra/Java implementation of some features of the CERT Pharos Binary Analysis Framework, particularly the...
OverRide Explore disassembly, binary exploitation & reverse-engineering through 10 little challenges. In the folder for each level you will find: flag – password for next level; README.md – how to find password; source.c – the reverse-engineered...
ipcdump ipcdump is a tool for tracing interprocess communication (IPC) on Linux. It covers most of the common IPC mechanisms — pipes, fifos, signals, Unix sockets, loopback-based networking, and pseudoterminals. It’s a useful tool...
Ghidra EVM Module In the last few years, attacks on deployed smart contracts in the Ethereum blockchain have ended up in a significant amount of stolen funds due to programming mistakes. Since smart contracts,...
Reverse Engineer’s Toolkit What? This is a collection of tools you may like if you are interested in reverse engineering and/or malware analysis on x86 and x64 Windows systems. After installing this toolkit you’ll...
Obfuscation Detection Automatically detect control-flow flattening and other state machines Scripts and binaries to automatically detect control-flow flattening and other state machines in binaries. Control-flow flattening is a code transformation that removes structure from a...
efi_fuzz In recent years, firmware-level attacks against UEFI have grown in popularity and become more and more complex. Prominent examples of such attacks from this year alone include CVE-2020-12890 (SMM callout vulnerability in AMD’s...
Damn Vulnerable C Program This is a simple C program I coded to explain common types of vulnerabilities like: integer overflow, integer underflow, Out of bound Read, Out of bound Write, Double Free, Use...
Doldrums Doldrums is a reverse engineering tool for Flutter apps targeting Android. Concretely, it is a parser and information extractor for the Flutter/Dart Android binary, conventionally named libapp.so, for all Dart version 2.10 releases....
PE-Packer PE-Packer is a simple packer for Windows PE files. The new PE file after packing can obstruct the process of reverse engineering. It will do the following things when packing a PE file: Transforming the original import...
Dexcalibur Dexcalibur is an Android reverse engineering platform focused on instrumentation automation. Its particularity is to use dynamic analysis to improve static analysis heuristics. It aims to automate boring tasks related to dynamic instrumentation,...
ghidra_kernelcache: a Ghidra iOS kernelcache framework for reverse engineering ghidra_kernelcache framework is the end product of my experience in reverse engineering iOS kernelcache, I do manually look for vulnerabilities in the kernel and have...
COM-Code-Helper Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code. Especially malware reversers will find this useful, as COM Code is still regularly found in malware. ClassAndInterfaceToNames.py This IDAPython script...
JTAGulator On-chip debug (OCD) interfaces can provide chip-level control of a target device and are a primary vector used by engineers, researchers, and hackers to extract program code or data, modify memory contents or...
ImHex A Hex Editor for Reverse Engineers, Programmers, and people that value their eyesight when working at 3 AM. Features: Featureful hex view; Byte patching; Patch management; Copy bytes as feature: Bytes, Hex string...