PINCE
PINCE is a front-end/reverse engineering tool for the GNU Project Debugger (GDB), focused on games, with CheatEngine-like value type support and memory searching capabilities.
dynStruct is a tool that uses DynamoRIO to monitor the memory accesses of an ELF binary via a data gatherer, and uses this data to recover the structures of the original code. dynStruct can also be used to quickly find where and by which function a member of a structure is written or read.
Papers: dynStruct was the subject of a master's thesis and a publication.
Requirements:
- Data gatherer: CMake >= 2.8, DynamoRIO (avoid the latest release; recommended version: DynamoRIO cronbuild or build 7.91.18109).
- Structure recovery and web interface: Python3, Capstone, Bottle.
Setup:
- Data gatherer: set the environment variable DYNAMORIO_HOME to the absolute path of your DynamoRIO installation, then execute build.sh. To compile dynStruct for a 32-bit target on a 64-bit OS, execute build.sh 32.
- Structure recovery and web interface: install the dependencies for dynStruct.py using 'pip3 install -r requirements.txt'.
Data gatherer usage: drrun -opt_cleancall 3 -c <dynStruct_path> <dynStruct_args> -- <prog>
A tool to embed XXE and XSS payloads in various file formats.
Scan folders and files for crypto patterns, Hacking Team malware, and malicious documents using PEiD signatures.
A .NET wrapper library for the native YARA library with interoperability and portability features.
A dataset release policy for the Android Malware Genome Project, requiring authentication and justification for access to the dataset.
A comprehensive guide to malware analysis and reverse engineering, covering topics such as lab setup, debugging, and anti-debugging.