A PE Format poster in A1 59,4 x 84,1 cm format, including almost all of the structures from PE/PE32+ format (with comments from WinNT.h header file).
BugChecker is a single-host kernel debugger for the Microsoft Windows 2000 and XP operating systems. "Single-host" means that the debugger and the debuggee (in this case the whole system,
Flasm disassembles your entire SWF including all the timelines and events. Looking at disassembly, you learn how the Flash compiler works, which improves your ActionScript skills. You can also do some
RR0D is a ring 0 debugger. It offers the possibility to debug any kind of code (kernel/user/rasta land). Its philosophy is to be OS independent. That's why RR0D can today be installed on Linux, *BSD,
ReFox is a multi-purpose and easy-to-use utility for viewing and restoring source code from Visual FoxPro 9.0, VFP 8.0, VFP 7.0, VFP 6.0, VFP 5.0, VFP 3.0, FoxPro 2.x, FoxPro 1 and FoxBASE+ compiled
REC is a portable reverse engineering compiler, or decompiler. It reads an executable file, and attempts to produce a C-like representation of the code and data used to build the executable file.
Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap
Reflector is the class browser, explorer, analyzer and documentation viewer for .NET. Reflector allows you to easily view, navigate, search, decompile and analyze .NET assemblies in C#, Visual Basic and
Resourcer is an editor for .resources binaries and .resX XML file formats used with the .NET platform. Resourcer allows editing of name/string pairs, import of bitmaps/icons and merging of
Alex is a kernel developer, reverse engineer, and Microsoft Student Ambassador. This blog shares Alex’s views and news on Technology, OS Development and Reverse Engineering.
Resourcer is a powerful and flexible resource editor for Microsoft Windows that features full x64 and Vista/Win7 support, in addition to PNG icons and is also free and open-source (GPL).
API Monitor is software that allows you to spy on and display Win32 API calls made by applications. It can trace any exported APIs and display a wide range of information, including function name, call
ASHE is a tool to help analyze the structure of any type of disk file. It allows locating and modifying any type of data in a file quickly and easily. Once the structure of a file has been identified,
FastScanner is a detector for most packers, cryptors and compilers for PE files, programmed in ASM and designed for fast access to the most needed plugins.
I am a professional security researcher who enjoys working with vulnerabilities. I am fascinated by what causes vulnerable code and the methods used to exploit these flaws.
The original Blue Pill proof of concept code has been written by Joanna Rutkowska, while working for COSEINC, and presented at the Black Hat Briefings 2006 in Las Vegas on August 3rd. Joanna Rutkowska
Bochs is a highly portable open source IA-32 (x86) PC emulator written in C++, that runs on most popular platforms. It includes emulation of the Intel x86 CPU, common I/O devices, and a custom BIOS.
This project is an attempt to develop a real decompiler for machine code programs through the open source community. A decompiler takes as input an executable file, and attempts to create a high
Bugtraq is an electronic mailing list dedicated to issues about computer security. On-topic issues are new discussions about vulnerabilities, vendor security-related announcements, methods of
Bus Hound is the premier software bus analyzer for capturing I/O, protocol, and performance measurements. You can also send your own custom commands from a graphical interface. Because Bus Hound is a
busTRACE is a comprehensive bus and device analysis tool in use by leading system OEMs, peripheral OEMs, software developers, USB developers, and storage developers all over the world.
Cavaj Java Decompiler is a graphical freeware utility that reconstructs java source code from CLASS files. You can decompile java applets, jar and zip files producing accurate java source code. Browse
The D language is statically typed and compiles directly to machine code. It's multiparadigm, supporting many programming styles: imperative, object oriented, and metaprogramming. It's a member of the
In the overwhelming sea of information, access to timely, insightful and independent open-source intelligence (OSINT) analyses is crucial for maintaining the necessary situational awareness to stay on
DarkBASIC is a commercial game creation programming language released by the United Kingdom based company The Game Creators. The language is a structured form of BASIC and is similar to AMOS on the
DFM Editor allows editing and creating Borland Delphi VCL Forms in text and binary format. It is compatible with all Borland Delphi versions (including BDS). DFM Editor can extract forms from compiled
Java Overall Editor is a complex editor and viewer for compiled Java binaries (.class files). Main features include:
Viewer for: constant pool, methods, fields and various attributes
Editor for:
diStorm is a binary stream disassembler. It's capable of disassembling 80x86 instructions in 64 bits (AMD64, x86-64) and both in 16 and 32 bits. In addition, it disassembles FPU, MMX, SSE, SSE2, SSE3
Easy Code is the visual assembly programming environment made to build 32-bit Windows applications. The Easy Code interface, looking like Visual Basic, allows you to program a Windows assembler
I currently work for Sabre Security in Bochum, Germany.
Up to November 2005 I worked for F-Secure Corporation as an Anti-Virus Researcher in the research Lab in San Jose, CA. The company's
The Executable and Linking Format was originally developed and published by UNIX System Laboratories (USL) as part of the Application Binary Interface (ABI). The Tool Interface Standards committee
eXeScope can analyze, display various information, and rewrite resources of executable files, that is, EXE, DLL, OCX, etc. without source files.
F-Secure BlackLight Rootkit Elimination Technology detects objects that are hidden from users and security tools and offers the user an option to remove them. The main purpose is to fight rootkits and
Opening Files
FileInsight allows you to open files for analysis either directly from the local hard disk, using the Open toolbar button, or by typing a URL into the Web toolbar and clicking the Get button
FileMon monitors and displays file system activity on a system in real-time. Its advanced capabilities make it a powerful tool for exploring the way Windows works, seeing how applications use the
This is my humble attempt at sharing questions, ideas, interesting topics and filthy pictures I stumble upon while doing what I do best (and most) – all sorts of geek stuff.
I like programming,
Flare processes an SWF and extracts all scripts from it. The output is written to a single text file. Only ActionScript is extracted, no text or images. Flare is freeware. Windows, Mac OS X and Linux
FlexHex is a hex editor program specially designed to help you securely edit binary files, OLE compound files, logical devices, and physical drives. Specifically, FlexHEX supports sparse files and
The TMT Pascal compiler is a fast compiler for the Pascal language. The compiler emits 32-bit code and supports many language extensions from Borland Pascal (BP), as well as more powerful new
Free Hex Editor Neo is an award-winning freeware editor, optimized for large files, for everyone who works with ASCII, hex, decimal, float, double and binary data.
Freeware Hex Editor Neo allows you to
Free Pascal (aka FPK Pascal) is a 32 and 64 bit professional Pascal compiler. It is available for different processors: Intel x86, Amd64/x86_64, PowerPC, PowerPC64, Sparc, ARM.
FreeBASIC is a completely free, open-source, 32-bit BASIC compiler, with the syntax the most compatible possible with MS-QuickBASIC, that adds new features such as pointers, unsigned data types,
Fresh is a visual assembly language IDE with built-in FASM assembler. The main goal of Fresh is to make programming in assembly as fast and efficient as in other visual languages, without sacrificing
GNUCITIZEN is a Cutting-edge Ethical Hacker Outfit. We hack things for a living. To hack does not necessarily mean to crack into something illegally. We don’t do that! We get paid to hack, which is a
Groovy Hex Editor is an editor for editing binary files. It's compatible with any type of file, including text documents, save game files, program executables, data files, etc. I've tried to make
A cross-platform Scheme language interpreter created by the FSF as part of the GNU project. It allows building applications with an embedded interpreter in C (as a dynamic library)
Hackman Suite is a multi-module all purpose debugging tool. It includes a hex editor, a disassembler, a template editor, a hex calculator and other everyday useful tools to assist programmers and code
Helios has been designed to detect, remove and inoculate against modern rootkits. What makes it different from conventional antivirus / antispyware products is that it does not rely on a database of
HHD Software Free Hex Editor Neo - Free Binary File Editing Utility. Freeware for Windows with Text Viewer, Advanced Search and Replace, Debug Features.
Hex Workshop is a set of hexadecimal development tools for Windows combining advanced binary editing with the ease and flexibility of a word processor. With Hex Workshop you can edit, insert,
Hex-Rays is a decompiler that transforms binary applications into a high level C-like pseudo code. Unlike disassemblers, which perform the same task at a lower level, the decompiler output is concise
Hexer is a hex editor written in Java, the underlying principle of Hexer is complete extensibility (think of Hexer as the Eclipse of hex editors).
HT is a file editor / viewer / analyzer for executables. The goal is to combine the low-level functionality of a debugger and the usability of IDEs.
IDA Pro is a Windows or Linux hosted multi-processor disassembler and debugger that offers so many features it is hard to describe them all.
Daniel Reynaud is currently a PhD student in France, in the computer security team of the Loria lab in the mostly harmless city of Nancy. His research focuses on computer viruses and more generally
As far as I recall, subjects related to programming (C, C++, x86 assembler, Python and so on), reverse engineering, malware analysis (just like the one before), Bughunting (again!), NT OS internals
Jad is a Java decompiler, i.e. program that reads one or more Java class files and converts them into Java source files which can be compiled again.
The “Java Decompiler project” aims to develop tools in order to decompile and analyze Java 5 “byte code” and the later versions. JD-GUI is a standalone graphical utility that displays Java source
JReversePro is a Java Decompiler / Disassembler written in Java. Facility to view the ConstantPool contents is available. AWT, Swing and command-line versions are present.
JWasm is a MASM v6 compatible assembler. It's a fork of Open Watcom's WASM and released under the Sybase Open Watcom Public License, which allows free commercial and non-commercial use. JWasm is
KaKeeware Application Monitor is a very small API monitor that allows the user to monitor the APIs called by the given application. KAM supports 5577 different APIs as for now. KAM works as an API spy
The Analyst's Diary is a weblog maintained by virus analysts from Kaspersky Lab headed by Eugene Kaspersky. Find out more about the authors of this weblog.
This blog will feature posts on a number of recurring themes, including:
Online Crime Investigations: A major focus of my work over the past half decade has been to highlight individuals, networks
Linice is an Intel x86-based, Linux source-level kernel debugger with the look and feel of SoftIce for MS Windows. Linice is designed to be used by the people who have SoftIce experience. Linice
The free, open-source, Unix administrative tool lsof (for LiSt Open Files) displays information about files open to Unix processes. It runs on many Unix dialects, including FreeBSD, and its home site