GDBFrontend GDBFrontend is an easy, flexible, and extension-able gui debugger. Changelog v0.11.3 beta Fixed startup issue on MacOS for x86_64 architecture (now it must be usable on x64 MacOS, please...
ATFuzzer “Opening Pandora’s Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones” is accepted to the 35th Annual Computer Security Applications Conference (ACSAC) 2019. Structure of ATFuzzer implementation...
x64dbg x64dbg is an open-source binary debugger for Windows, aimed at malware analysis and reverse engineering of executables you do not have the source code for. There are many features...
Runtime Mobile Security Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime. You can easily dump...
libptrace libptrace is an event-driven process/thread debugging, tracing, and manipulation framework. It is written in C and has Python 2.7 bindings. It is meant to be used as a library....
Frida/QBDI Android API Fuzzer This experimental fuzzer is meant to be used for API in-memory fuzzing on Android. The design is highly inspired and based on AFL/AFL++. ATM the mutator...
angrgdb Use angr inside GDB. Create an angr state from the current debugger state. Install pip install angrgdb echo “python import angrgdb.commands” >> ~/.gdbinit Usage angrgdb implements the angrdbg API in GDB....
Bleak A Windows native DLL injection library that supports several methods of injection. Injection Methods CreateThread HijackThread ManualMap Optional Extensions EjectDll HideDllFromPeb RandomiseDllHeaders RandomiseDllName Features WOW64 and x64 injection Caveats...
Advanced Binary Deobfuscation This repository contains the course materials of Advanced Binary Deobfuscation at the Global Cybersecurity Camp (GCC) Tokyo in 2020. Course Abstract Reverse engineering is not easy, especially if a...
ScatterBrain Suite ScatterBrain is a shellcode runner with a variety of execution and elevation options. Given unencoded shellcode, it will then be encoded with the XOR key SecretKey (found in Cryptor/Program.cs and ScatterBrain/Headers/RawData.h) using...
Dr.Semu Malware Detection and Classification Tool Based on Dynamic Behavior Dr.Semu runs executables in an isolated environment monitors the behavior of a process and based on Dr.Semu rules created by you...
HookCase HookCase is a tool for debugging and reverse engineering applications on macOS (aka OS X), and the operating system itself. It re-implements and extends Apple’s DYLD_INSERT_LIBRARIES functionality. It can be used...
deREferencing deReferencing is an IDA Pro plugin that implements new registers and stack views. Adds dereferenced pointers, colors and other useful information, similar to some GDB plugins (e.g: PEDA, GEF,...
Reverse engineering focusing on x64 Windows What We’ll Do/Learn: This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of...
Malware Analysis / Reverse Engineering
by do son · Published January 28, 2020 · Last modified August 7, 2023
Qiling – Advanced Binary Emulation framework Qiling is an advanced binary emulation framework, with the following features: Cross-platform: Windows, MacOS, Linux, BSD Cross architecture: X86, X86_64, Arm, Arm64, Mips Multiple...
Support Securityonline.info site. Thanks!
