HookCase HookCase is a tool for debugging and reverse engineering applications on macOS (aka OS X), and the operating system itself. It re-implements and extends Apple’s DYLD_INSERT_LIBRARIES functionality. It can be used to hook any method...
pwndbg (/poʊndbæg/) is a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers. Pwndbg has a lot of useful...
GEF – GDB Enhanced Features GEF is a kick-ass set of commands for X86, ARM, MIPS, PowerPC and SPARC to make GDB cool again for exploit dev. It is aimed to be used mostly...
Shed is an application that allows inspecting the .NET runtime of a program in order to extract useful information. It can be used to inspect malicious applications in order to have a first general overview...
edb is a cross-platform x86/x86-64 debugger. It was inspired by Ollydbg but aims to function on x86 and x86-64 as well as multiple OS’s. Linux is the only officially supported platform at the moment, but...
Reverse engineering focusing on x64 Windows What We’ll Do/Learn: This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of binaries, then reverse some...
PLASMA PLASMA is an interactive disassembler. It can generate a more readable assembly (pseudo code) with colored syntax. You can write scripts with the available Python api (see an example below). The project is...
ROPgadget Tool This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF/PE/Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures. Since the version...
