A PE Format poster in A1 59,4 x 84,1 cm format, including almost all of the structures from PE/PE32+ format (with comments from WinNT.h header file).
... Read more
BugChecker is a single-host kernel debugger for the Microsoft Windows 2000 and XP operating systems. "Single-host" means that the debugger and the debuggee (in this case the whole system,
... Read more
Flasm disassembles your entire SWF including all the timelines and events. Looking at disassembly, you learn how the Flash compiler works, which improves your ActionScript skills. You can also do some
... Read more
RR0D is a ring 0 debugger. It offers the possibility to debug any kind of code (kernel/user/rasta land). Its philosophy is to be OS independent. That's why RR0D can today be installed on Linux, *BSD,
... Read more
ReFox is a multi-purpose and easy-to-use utility for viewing and restoring source code from Visual FoxPro 9.0, VFP 8.0, VFP 7.0, VFP 6.0, VFP 5.0, VFP 3.0, FoxPro 2.x, FoxPro 1 and FoxBASE+ compiled
... Read more
REC is a portable reverse engineering compiler, or decompiler. It reads an executable file, and attempts to produce a C-like representation of the code and data used to build the executable file.
... Read more
Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap
... Read more
RR0D is a ring 0 debugger. It offers the possibility to debug any kind of code (kernel/user/rasta land). Its philosophy is to be OS independent. That's why RR0D can today be installed on Linux, *BSD,
... Read more
ReFox is a multi-purpose and easy-to-use utility for viewing and restoring source code from Visual FoxPro 9.0, VFP 8.0, VFP 7.0, VFP 6.0, VFP 5.0, VFP 3.0, FoxPro 2.x, FoxPro 1 and FoxBASE+ compiled
... Read more
REC is a portable reverse engineering compiler, or decompiler. It reads an executable file, and attempts to produce a C-like representation of the code and data used to build the executable file.
... Read more
Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap
... Read more
This document specifies the structure of executable (image) files and object files under the Microsoft Windows family of operating systems. These files are referred to as Portable Executable (PE) and
... Read more
Alex is a kernel developer, reverse engineer, and Microsoft Student Ambassador. This blog shares Alex’s views and news on Technology, OS Development and Reverse Engineering.
... Read more
A PE Format poster in A1 59,4 x 84,1 cm format, including almost all of the structures from PE/PE32+ format (with comments from WinNT.h header file).
... Read more
VB RezQ can recover source from all types of 32-bit Visual Basic executables i.e .exe, .ocx and .dll files created by VB4(32), VB5 and VB6.
... Read more
Syser Debugger is designed for Windows NT Family based on X86 platform. It is a core-level debugger with full-graphical interfaces and supports assembly debugging and source code debugging.
... Read more
This project is an attempt to develop a real decompiler for machine code programs through the open source community. A decompiler takes as input an executable file, and attempts to create a high
... Read more
OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg is a
... Read more
At this moment the debugger supports a several number of debugging formats used by compilers of two most known companies - Borland and Microsoft.
... Read more
diStorm is a binary stream disassembler. It's capable of disassembling 80x86 instructions in 64 bits (AMD64, x86-64) and both in 16 and 32 bits. In addition, it disassembles FPU, MMX, SSE, SSE2, SSE3
... Read more
eXeScope can analyze, display various information, and rewrite resources of executable files, that is, EXE, DLL, OCX, etc. without source files.
... Read more
This site primary mirrors my interests on low level stuff like reverse engineering, malware and rootkit research, debugging and troubleshooting applications, as well as software protections and its
... Read more
TatraDAS is disassembler of x86 executables which supports PE, NE, MZ, COM, ELF and binary file formats. It includes disassembler, text viewer with syntax highlighting.
... Read more
KaKeeware Application Monitor is a very small API monitor that allows the user to monitor the APIs called by the given application. KAM supports 5577 different APIs as for now. KAM works as an API spy
... Read more
FastScanner is a Detector for most packers, cryptors and compilers for PE Files Programmed in ASM and designed for ýfast access to most needed plugins.
... Read more
Uninformed is a technical outlet for research in areas pertaining to security technologies, reverse engineering, and lowlevel programming. The goal, as the name implies, is to act as a medium for
... Read more
Hex-Rays is a decompiler that transforms binary applications into a high level C-like pseudo code. Unlike disassemblers, which perform the same task at a lower level, the decompiler output is concise
... Read more
The Executable and Linking Format was originally developed and published by UNIX System Laboratories (USL) as part of the Application Binary Interface (ABI). The Tool Interface Standards committee
... Read more
You can use Debugging Tools for Windows to debug drivers, applications, and services on systems running Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server
... Read more
OpenRCE aims to serve as a centralized resource for reverse engineers (currently heavily win32/security/malcode biased) by hosting files, blogs, forums articles and more.
... Read more
Reflector is the class browser, explorer, analyzer and documentation viewer for .NET. Reflector allows to easily view, navigate, search, decompile and analyze .NET assemblies in C#, Visual Basic and
... Read more
PEBrowse Professional Interactive builds upon the framework presented by PEBrowse Professional to create a very powerful, versatile, and customizable Win32 user mode debugger/disassembler. PEBrowse
... Read more
Resourcer is a powerful and flexible resource editor for Microsoft Windows that features full x64 and Vista/Win7 support, in addition to PNG icons and is also free and open-source (GPL).
... Read more
Linice is an Intel x86-based, Linux source-level kernel debugger with the look and feel of SoftIce for MS Windows. Linice is designed to be used by the people who have SoftIce experience. Linice
... Read more
Visual DuxDebugger is a debugger disassembler for Windows 64 bits, it is the first version so it is still very simple, but it has some features that others debuggers doesn’t have, it debugs multiple
... Read more
DFM Editor allows edit and create Borland Delphi VCL Forms in text and binary format. It is compatible with all Borland Delphi versions (including BDS). DFM Editor can extracts forms from compiled
... Read more
I am a professional security researcher who enjoys working with vulnerabilities. I am fascinated by what causes vulnerable code and the methods used to exploit these flaws.
... Read more
IDA Pro is a Windows or Linux hosted multi-processor disassembler and debugger that offers so many features it is hard to describe them all.
... Read more
Restorator is an utility to edit windows resources in applications and their components, e.g. files with .exe, .dll, .res, .rc, .dcr, extension (see PE files and RES files).
... Read more
Hackman Suite is a multi-module all purpose debugging tool. It includes a hex editor, a disassembler, a template editor, a hex calculator and other everyday useful tools to assist programmers and code
... Read more
In the overwhelming sea of information, access to timely, insightful and independent open-source intelligence (OSINT) analyses is crucial for maintaining the necessary situational awareness to stay on
... Read more
PureBasic is a programming language based on established BASIC rules. The key features of PureBasic are portability (Windows, AmigaOS and Linux are currently fully supported), the production of very
... Read more
VB Decompiler is decompiler for programs (EXE, DLL or OCX) written in Visual Basic 5.0/6.0. As you know, programs in Visual Basic can be compiled into interpreted p-code or into native code.
... Read more
BugChecker is a single-host kernel debugger for the Microsoft Windows 2000 and XP operating systems. "Single-host" means that the debugger and the debuggee (in this case the whole system,
... Read more
The Analyst's Diary is a weblog maintained by virus analysts from Kaspersky Lab headed by Eugene Kaspersky. Find out more about the authors of this weblog.
... Read more
This blog provides information about what's happening in the anti-malware technology team at Microsoft. We're the team that builds the core antivirus, antispyware, anti-rootkit, and related
... Read more
XN Resource Editor works with all resource files (.RES) and PE modules (.EXE, .DLL, etc.) but it has special knowledge of modules written in Delphi. It can display all the modules that comprise a
... Read more
MASM32 version 9 is a working development for programmers who are interested in either learning or writing 32 bit Microsoft assembler (MASM).
... Read more
Utility to control all objects that you see in Windows screen (text, combo boxes, buttons, pictures...). You will be able to enable disabled objects, to hide buttons, to modify menus... Useful utility
... Read more
ReversingLabs has been founded with the goal to provide the best file analysis tools and the best software protection tools. Our expertise in building superior software reversing tools, gives
... Read more
Resourcer is an editor for .resources binaries and .resX XML file formats used with the .NET platform. Resourcer allows editing of name/string pairs, import of bitmaps/icons and and merging of
... Read more
Offensive Computing, LLC was formed by Valsmith and Danny Quist as a resource for the computer security community. The primary emphasis here is on malware collections and analysis for the purpose of
... Read more
Designed for inspection and editing of Windows executable files, PE Explorer offers powerful static analysis and editing tools for working with EXE, DLL, ActiveX controls, and other executable file
... Read more
VBReFormer is a solution for recovering the design of each form and control, with all properties, values, all reference to external controls (ActiveX™ libraries), and all pictures. Then with
... Read more
WinHex is in its core a universal hexadecimal editor, particularly helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security. An advanced tool for everyday
... Read more
Resource Hacker is a freeware utility to view, modify, rename, add, delete and extract resources in 32bit Windows executables and resource files (*.res). It incorporates an internal resource script
... Read more
HT is a file editor / viewer / analyzer for executables. The goal is to combine the low-level functionality of a debugger and the usability of IDEs.
... Read more
Sandboxie runs your applications in an isolated abstraction area called a sandbox. Under the supervision of Sandboxie, an application operates normally and at full speed, but can't effect permanent
... Read more
SysAnalyzer is an application that was designed to give malcode analysts an automated tool to quickly collect, compare, and report on the actions a binary took while running on the system.
The
... Read more
The Symantec Security Response Weblog has been created to provide a forum for the team to share ideas and commentary on emerging issues and trends.
... Read more
ASHE is a tool to help analyze the structure of any type of disk file. It allows locating and modifying any type of data in a file quickly and easily. Once the structure of a file has been identified,
... Read more
A blog about activities, products and ideas at Sunbelt Software, one of the leading developers of security software to protect against spyware, spam and other threats.
... Read more
Free Pascal (aka FPK Pascal) is a 32 and 64 bit professional Pascal compiler. It is available for different processors: Intel x86, Amd64/x86_64, PowerPC, PowerPC64, Sparc, ARM.
... Read more
DarkBASIC is a commercial game creation programming language released by the United Kingdom based company The Game Creators. The language is a structured form of BASIC and is similar to AMOS on the
... Read more
The D language is statically typed and compiles directly to machine code. It's multiparadigm, supporting many programming styles: imperative, object oriented, and metaprogramming. It's a member of the
... Read more
This is my humble attempt at sharing questions, ideas, interesting topics and filthy pictures I stumble upon while doing what I do best (and most) – all sorts of geek stuff.
I like programming,
... Read more
The Customiser allows you to set the position and size of any window, button or other control and set the text of these controls. These changes can be permanently saved for any application and readily
... Read more
The Netwide Assembler, NASM, is an 80x86 and x86-64 assembler designed for portability and modularity. It supports a range of object file formats, including Linux and *BSD a.out, ELF, COFF, Mach-O,
... Read more
WinAsm Studio is a free Integrated Development Environment IDE for developing 32-bit Windows and 16-bit DOS programs using the Assembler. The Microsoft Macro Assembler (MASM) is supported inherently,
... Read more
ThreatExpert is an advanced automated threat analysis system designed to analyze and report the behavior of computer viruses, worms, trojans, adware, spyware, and other security-related risks in a
... Read more
FlexHex is a hex editor program specially designed to help you securely edit binary files, OLE compound files, logical devices, and physical drives. Specifically, FlexHEX supports sparse files and
... Read more
As far as I recall, subjects related to programming (C, C++, x86 assembler, Python and so on), reverse engineering, malware analysis (just like the one before), Bughunting (again!), NT OS internals
... Read more