From Collaborative RCE Knowledge Library

Jump to: navigation, search

Tool Info

This category contains knowledge and information about tools, not the tools themselves though!

If you are looking for the tools themselves, you should visit our separate Collaborative RCE Tool Library!


Item name: Manual binary mangling with radare
Rating: 4.0 (1 vote)
Author: pancake                        
Home URL: http://rada.re/
Last updated: November 6, 2009
Version (if appl.):
Direct D/L link: http://phrack.org/issues/66/14.html
Description: 1 - Introduction
1.1 - The framework
1.2 - First steps
1.3 - Base conversions
1.4 - The target

2 - Injecting code in ELF
2.1 - Resolving register based branches
2.2 - Resizing data section
2.3 - Basics on code injection
2.4 - Mmap trampoline
2.4.1 - Call trampoline
2.4.2 - Extending trampolines

3 - Protections and manipulations
3.1 - Trashing the ELF header
3.2 - Source level watermarks
3.3 - Ciphering .data section
3.4 - Finding differences in binaries
3.5 - Removing library dependencies
3.6 - Syscall obfuscation
3.7 - Replacing library symbols
3.8 - Checksumming

4 - Playing with code references
4.1 - Finding xrefs
4.2 - Blind code references
4.3 - Graphing xrefs
4.4 - Randomizing xrefs

5 - Conclusion
6 - Future work
7 - References
8 - Greetings

"Reverse engineering is something usually related to w32 environments where
there is lot of non-free software and where the use of protections is more
extended to enforce evaluation time periods or protect intellectual (?)
property, using binary packing and code obfuscation techniques.

These kind of protections are also used by viruses and worms to evade
anti-virus engines in order to detect sandboxes. This makes reverse
engineering a double-edged sword..."
Also listed in: Linux Anti Reversing Articles, Linux ELF Articles, Linux Internals Articles, Linux Protection Technique Articles, Linux Tool Articles
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Abusing Mach on Mac OS X
Rating: 0.0 (0 votes)
Author: nemo                        
Home URL: felinemenace.org
Last updated: May 2006
Version (if appl.):
Direct D/L link: http://uninformed.org/?v=4&a=3&t=txt
Description: "Abstract: This paper discusses the security implications of Mach being
integrated with the Mac OS X kernel. A few examples are used to illustrate how
Mach support can be used to bypass some of the BSD security features, such as
securelevel. Furthermore, examples are given that show how Mach functions can
be used to supplement the limited ptrace functionality included in Mac OS X.

Hello reader. I am writing this paper for two reasons. The first reason is to provide
some documentation on the Mach side of Mac OS X for people who are unfamiliar
with this and interested in looking into it. The second reason is to document my own
research, as I am fairly inexperienced with Mach programming. Because of this
fact, this paper may contain errors. If this is the case, please email me at
nemo@felinemenace.org and I will try to correct it."
Also listed in: Mac OS Internals Articles, Mac OS Tool Articles
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Alien Autopsy rev. 2008
Rating: 0.0 (0 votes)
Author: TiGa                        
Home URL: http://www.woodmann.com/TiGa/
Last updated:
Version (if appl.):
Direct D/L link: http://www.woodmann.com/TiGa/videos/TiGa-vid9.htm
Description: This video tutorial will teach you how to reverse a Windows crackme under Linux with IDA Pro.
Also listed in: Linux Tool Tutorials, Linux Unpacking Tutorials, Windows Tool Tutorials, Windows Unpacking Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Class-dump
Rating: 0.0 (0 votes)
Author: Steve Nygard                        
Home URL: http://www.codethecode.com/projects/class-dump/
Last updated:
Version (if appl.):
Direct D/L link: Locally archived copy
Description: "This is a command-line utility for examining the Objective-C segment of Mach-O files. It generates declarations for the classes, categories and protocols. This is the same information provided by using 'otool -ov', but presented as normal Objective-C declarations."
Also listed in: Mac OS Tool Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Debugging a faulty application with IDA Pro
Rating: 0.0 (0 votes)
Author: TiGa                        
Home URL: http://www.woodmann.com/TiGa/
Last updated:
Version (if appl.):
Direct D/L link: http://www.woodmann.com/TiGa/videos/TiGa-vid3.htm
Description: This video tutorial will teach you how to debug an application with IDA Pro even if it is crippled.
Also listed in: Windows Internals Tutorials, Windows Tool Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: dnsbf.py - Python script for Reverse dns search in a subnet (dns brute force)
Rating: 0.0 (0 votes)
Author: t0ka7a                        
Home URL: http://infond.blogspot.com
Last updated: April 5, 2010
Version (if appl.):
Direct D/L link: http://infond.blogspot.com/2010/02/dnsbfpy-python-script-for-reverse-dns.html
Description: The first step of a penetration test is to discover hosts in a subnet. In this aim, DNS is your second best friend (after Google :).
First, to know which subnet (ex: 72.14.204.0/23) is associated to a hostname (ex: www.google.fr), you can use the Whois database (ex: with a site as http://www.robtex.com).
Then, to know which hosts are declared in DNS database in this subnet, you can use dnsbf.py :)
dnsbf.py is a script, written in Python, which conducts a Reverse DNS search for all the IPs in a subnet.
Also listed in: Linux Tool Articles, Mac OS Tool Articles, Windows Tool Articles
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Embedded ELF Debugging : the middle head of Cerberus
Rating: 0.0 (0 votes)
Author: The ELF shell crew                        
Home URL: http://www.eresi-project.org/
Last updated: January 8, 2005
Version (if appl.):
Direct D/L link: http://www.phrack.com/issues.html?issue=63&id=9&mode=txt
Description: I. Hardened software debugging introduction
a. Previous work & limits
b. Beyond PaX and ptrace()
c. Interface improvements
II. The embedded debugging playground
a. In-process injection
b. Alternate ondisk and memory ELF scripting (feat. linkmap)
c. Real debugging : dumping, backtrace, breakpoints
d. A note on dynamic analyzers generation
III. Better multiarchitecture ELF redirections
a. CFLOW: PaX-safe static functions redirection
b. ALTPLT technique revised
c. ALTGOT technique : the RISC complement
d. EXTPLT technique : unknown function postlinking
e. IA32, SPARC32/64, ALPHA64, MIPS32 compliant algorithms
V. Constrained Debugging
a. ET_REL relocation in memory
b. ET_REL injection for Hardened Gentoo (ET_DYN + pie + ssp)
c. Extending static executables
d. Architecture independant algorithms
VI. Past and present
VII. Greetings
VIII. References
Also listed in: Linux Internals Articles, Linux Tool Articles
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: GDB Reference Card
Rating: 0.0 (0 votes)
Author: Free Software Foundation                        
Home URL: http://www.fsf.org/
Last updated: 1998
Version (if appl.): v4
Direct D/L link: http://users.ece.utexas.edu/~adnan/gdb-refcard.pdf
Description: This reference card immediately gives you the needed options to master GDB on every UNIX-like platforms.
Also listed in: Linux Tool Tidbits, Mac OS Tool Tidbits
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: How to Solve Crackmes for Dummies in Video
Rating: 0.0 (0 votes)
Author: TiGa                        
Home URL: http://www.woodmann.com/TiGa/
Last updated:
Version (if appl.):
Direct D/L link: http://www.woodmann.com/TiGa/videos/TiGa-vid4_part1.htm
Description: This video tutorial will teach you how to solve crackmes with IDA Pro in a first part, and keygenning in a second part (the secon part video is linked below).
Also listed in: Windows Tool Tutorials, Windows Unpacking Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: How to use Otool
Rating: 0.0 (0 votes)
Author: TheTuKays                        
Home URL: N/A
Last updated: 2006
Version (if appl.):
Direct D/L link: Locally archived copy
Description: "what will be covered in this article:
how to get the method name of a method call
how to find the place in the real file


using otool as disassembler is not that easy as it seems, as otool does not supply much information.
but with some tricks you can have some more data as well."
Also listed in: Mac OS Tool Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Introduction To Reverse Engineering Software
Rating: 0.0 (0 votes)
Author: Matt Briggs                        
Home URL: http://opensecuritytraining.info/
Last updated: June 16, 2011
Version (if appl.):
Direct D/L link: http://opensecuritytraining.info/IntroductionToReverseEngineering.html
Description: This is a 2 days worth of class materials that you can use to teach your own classes.

--

Throughout the history of invention curious minds have sought to understand the inner workings of their gadgets. Whether investigating a broken watch, or improving an engine, these people have broken down their goods into their elemental parts to understand how they work. This is Reverse Engineering (RE), and it is done every day from recreating outdated and incompatible software, understanding malicious code, or exploiting weaknesses in software.

In this course we will explore what drives people to reverse engineer software and the methodology and tools used to do it.

Topics include, but are not limited to:
•Uses for RE
•The tricks and pitfalls of analyzing compiled code
•Identifying calling conventions
•How to navigate x86 assembly using IDA Pro
•Identifying Control Flows
•Identifying the Win32 API
•Using a debugger to aid RE
•Dynamic Analysis tools and techniques for RE

During the course students will complete many hands on exercises.

Introduction to x86 and Life of Binaries (both available at http://opensecuritytraining.info/Training.html) are prerequisites for this class.

This class will serve as a prerequisite for a later class specifically on malware analysis.
Also listed in: Generic Malware Analysis Tutorials, Generic Reversing Technique Tutorials, Generic Tool Tutorials, Windows Malware Analysis Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Next generation debuggers for reverse engineering
Rating: 0.0 (0 votes)
Author: The ELFsh Crew                        
Home URL: http://www.eresi-project.org
Last updated: 2007
Version (if appl.):
Direct D/L link: http://s.eresi-project.org/inc/articles/bheu-eresi-article-2007.pdf
Description: "Classical debuggers make use of an interface provided by the operating system in order to access the memory of programs while they execute. As this model is dominating in the industry and the community, we show that our novel embedded architecture is more adapted when debuggee systems are hostile and protected at the operating system level. This alternative modelization is also more performant as the debugger executes from inside the debuggee program and can read the memory of the host process directly. We give detailed information about how to keep memory unintrusiveness using a new technique called allocation proxying. We reveal how we developed the organization of our multiarchitecture framework and its multiple modules so that they allow for graph-based binary code analysis, ad-hoc typing, compositional fingerprinting, program instrumentation, real-time tracing, multithread debugging and general hooking of systems. We reveal the reflective essence of our framework by embedding its internal structures in our own reverse engineering language, thus recalling concepts of aspect oriented programming."
Also listed in: Linux ELF Articles, Linux Internals Articles, Linux Tool Articles
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: PDF - Vulnerabilities, Exploits and Malwares
Rating: 0.0 (0 votes)
Author: Dhanesh                        
Home URL: http://securityxploded.com/pdf_vuln_exploits.php
Last updated: November 24, 2010
Version (if appl.):
Direct D/L link: Locally archived copy
Description: In this startup tutorial, Dhanesh explains how to use basic PDF analysis tools such as PDFAnalyzer in dissecting the exploit code from malicious PDF files in simple steps with illustrative screenshots.

Highlights of the Article:

* Throws light on usage of PDF analysis tools such as PDFAnalyzer
* Demonstrates malware analysis of real PDF samples
* Describes in detail dissecting of the exploit code from PDF structures.
Also listed in: Generic Reversing Technique Articles, Generic Reversing Technique Tutorials, Generic Tool Articles, Generic Tool Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: RE:Trace Applied Reverse Engineering on OS X
Rating: 0.0 (0 votes)
Author: Tyler Beauchamp and David Weston                        
Home URL: http://www.saic.com/
Last updated:
Version (if appl.):
Direct D/L link: http://www.recon.cx/2008/a/tiller_beauchamp/RETrace-Applied_Reverse_Engineering_on_OS_X.pdf
Description: Through this REcon 2k8 presentation, the authors are introducing Dtrace for Mac OS X reversing, and a framework based on it: REtrace.
Also listed in: Mac OS Tool Articles
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Remote Debugging using VMWare
Rating: 0.0 (0 votes)
Author: James Brown                        
Home URL: http://www.catch22.net/
Last updated: August 30, 2008
Version (if appl.):
Direct D/L link: http://www.catch22.net/tuts/vmware
Description: This short article describes how to set up VMWare and WinDBG for remote kernel debugging on Windows.
Also listed in: Windows Tool Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Remote Debugging with IDA Pro
Rating: 0.0 (0 votes)
Author: TiGa                        
Home URL: http://www.woodmann.com/TiGa/
Last updated:
Version (if appl.):
Direct D/L link: http://www.woodmann.com/TiGa/videos/TiGa-vid2.htm
Description: This video tutorial will learn you how to use the remote debugging feature available on IDA Pro.
Also listed in: Windows Tool Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Rootkits: What they are, and how to find them
Rating: 0.0 (0 votes)
Author: Xeno Kovah                        
Home URL: http://opensecuritytraining.info/
Last updated: September 21, 2011
Version (if appl.):
Direct D/L link: http://opensecuritytraining.info/Rootkits.html
Description: This is a 2 day class which is freely available to watch. You can also take the materials and use them to teach your own classes.

--

Introductory Intel x86, Intermediate Intel x86, and Life of Binaries (all available at http://opensecuritytraining.info/Training.html) are strongly recommended to be taken before of this class.

Rootkits are a class of malware which are dedicated to hiding the attacker’s presence on a compromised system. This class will focus on understanding how rootkits work, and what tools can be used to help find them.

This will be a very hands-on class where we talk about specific techniques which rootkits use, and then do labs where we show how a proof of concept rootkit is able to hide things from a defender. Example techniques include
•Trojaned binaries
•Inline hooks
•Import Address Table (IAT) hooking
•System Call Table/System Service Descriptor Table (SSDT) hooking
•Interrupt Descriptor Table (IDT) hooking
•Direct Kernel Object Manipulation (DKOM)
•Kernel Object Hooking (KOH)
•IO Request Packet (IRP) filtering
•Hiding files/processes/open ports
•Compromising the Master Boot Record (MBR) to install a “bootkit”

The class will help the student learn which tools to use to look for rootkits on Windows systems, how to evaluate the breadth of a tool’s detection capabilities, and how to interpret tool results.

This class is structured so that students are given a homework to detect rootkits *before* they have taken the class. This homework is given in the context of the following scenario:

“You, being the only ‘security person’ in the area, have been called in to
examine a running Windows server because "it's acting funny." They don't
care that you like Mac/Linux/BSD/Plan9 better, you need to look at it! You
are solemnly informed that this is system is mission critical and can only
be rebooted if absolutely necessary. You must investigate whether any sort
of compromise has taken place on the system, with minimal impact to the
mission. What do you do? What DO you DO?”

The homework is then for the student to use any means at their disposal to write up answers to the following questions: “What malicious changes were made to the system?”, “What tools did you use to detect the changes?”, “How can you remove the changes?”. The students’ answers are then anonymized and shared with the rest of the class afterwards, so that they can see how others approached the problem, and learn from their techniques. The anonymization of the homework before distribution is important so that students know that even though they don’t know, and aren’t expected to know, anything about the area yet, their entry will not be judged by other students.
Also listed in: Generic Malware Analysis Tutorials, Generic Protection Technique Tutorials, Generic Reversing Technique Tutorials, Windows Internals Tutorials, Windows Malware Analysis Tutorials, Windows Tool Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Solving pnluck's x64 CrackMe
Rating: 0.0 (0 votes)
Author: TiGa                        
Home URL: http://www.woodmann.com/TiGa/
Last updated:
Version (if appl.):
Direct D/L link: http://www.woodmann.com/TiGa/videos/TiGa-vid11.htm
Description: This video tutorial will teach you how to solve Pnluck's x64 crackme with IDA Pro.
Also listed in: Windows Tool Tutorials, Windows Unpacking Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Stepping with GDB during PLT uses and .GOT fixup
Rating: 0.0 (0 votes)
Author: mayhem                        
Home URL: http://www.eresi-project.org
Last updated:
Version (if appl.):
Direct D/L link: http://s.eresi-project.org/inc/articles/elf-runtime-fixup.txt
Description: "This text is a GDB tutorial about runtime process fixup using the Procedure
Linkage Table section (.plt) and the Global Offset Table section (.got) .
If you dont know what is ELF, you should read the ELF ultimate documentation
you can find easily on google .

Some basic ASM knowledge may be requested .

This text has not been written for ELF specialists . This tutorial is an
alternative , interactive way to understand the PLT mechanisms. "
Also listed in: Linux ELF Articles, Linux Internals Articles, Linux Tool Articles, Linux Unpacking Articles
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Stop fishing and start keygenning!
Rating: 0.0 (0 votes)
Author: TiGa                        
Home URL: http://www.woodmann.com/TiGa/
Last updated:
Version (if appl.):
Direct D/L link: http://www.woodmann.com/TiGa/videos/TiGa-vid8_part1.htm
Description: This video tutorial will introduce you to the fine art of keygenning with the help of IDA Pro.
(Don't miss the second video, about serial generation).
Also listed in: Windows Tool Tutorials, Windows Unpacking Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: TLS-CallBacks and preventing debugger detection with IDA Pro
Rating: 0.0 (0 votes)
Author: TiGa                        
Home URL: http://www.woodmann.com/TiGa/
Last updated:
Version (if appl.):
Direct D/L link: http://www.woodmann.com/TiGa/videos/TiGa-vid6.htm
Description: This video tutorial will inform you about TLS callbacks and anti anti debugging with IDA Pro.
Also listed in: Windows Internals Tutorials, Windows Tool Tutorials, Windows Unpacking Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: The Life of Binaries
Rating: 0.0 (0 votes)
Author: Xeno Kovah                        
Home URL: http://opensecuritytraining.info/
Last updated: September 6, 2011
Version (if appl.):
Direct D/L link: http://opensecuritytraining.info/LifeOfBinaries.html
Description: This is a 2 day class which is freely available to watch. You can also take the materials and use them to teach your own classes.

--


Topics include but are not limited to:
• Scanning and tokenizing source code.
• Parsing a grammar.
• Different targets for x86 assembly object files generation. (E.g. relocatable vs. position independent code).
• Linking object files together to create a well-formed binary.
• Detailed descriptions of the high level similarities and low level differences between the Windows PE and Linux ELF binary formats. (NOTE: we didn't get to this in the class where the video was recorded, but the materials are in the slides)
• How an OS loads a binary into memory and links it on the fly before executing it.

Along the way we discuss the relevance of security at different stages of a binary’s life, from the tricks that can be played by a malicious compiler, to how viruses really work, to the way which malware “packers” duplicate OS process execution functionality, to the benefit of a security-enhanced OS loader which implements address space layout randomization (ASLR).

Lab work includes:
• Manipulating compiler options to change the type of assembly which is output
• Manipulating linker options to change the structure of binary formats
• Reading and understanding PE files with PEView
• Reading and understanding ELF files with Readelf (NOTE: we didn't get to this in the class where the video was recorded, but the materials are in the slides)
• Using WinDbg and/or GDB to watch the loader dynamically link an executable
• Using Thread Local Storage (TLS) to obfuscate control flow and serve as a basic anti-debug mechanism
• Creating a simple example virus for PE
• Analyze the changes made to the binary format when a file is packed with UPX
• Using the rootkit technique of Import Address Table (IAT) hooking to subvert the integrity of a program’s calls to external libraries, allowing files to be hidden.

Knowledge of this material is recommended, but not required, for future classes such as Rootkits, but is required for reverse engineering. (Both also at http://opensecuritytraining.info/Training.html)
Also listed in: Generic Malware Analysis Tutorials, Generic Protection Technique Tutorials, Generic Reversing Technique Tutorials, Linux ELF Articles, Windows Internals Tutorials, Windows Malware Analysis Tutorials, Windows Reversing Technique Tutorials, Windows Tool Tutorials, Windows Unpacking Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Unpacking deroko's x64 UnpackMe
Rating: 0.0 (0 votes)
Author: TiGa                        
Home URL: http://www.woodmann.com/TiGa/
Last updated:
Version (if appl.):
Direct D/L link: http://www.woodmann.com/TiGa/videos/TiGa-vid10.htm
Description: This video tutorial will teach you how to unpack Deroko's x64 unpackme with IDA Pro.
Also listed in: Windows Tool Tutorials, Windows Unpacking Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Unwrapping a Flash Video Executable (exe2swf)
Rating: 0.0 (0 votes)
Author: TiGa                        
Home URL: http://www.woodmann.com/TiGa/
Last updated:
Version (if appl.):
Direct D/L link: http://www.woodmann.com/TiGa/videos/TiGa-vid7.htm
Description: This video tutorial will teach you how to unwrap a flash video from an PE file with IDA Pro.
Also listed in: Windows Tool Tutorials, Windows Unpacking Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Using Memory Breakpoints with your Loaders
Rating: 0.0 (0 votes)
Author: Shub-Nigurrath                        
Home URL: http://www.accessroot.com
Last updated:
Version (if appl.):
Direct D/L link: http://www.accessroot.com/arteam/site/files/video/Using_Memory_Breakpoints_by_Shub-Nigurrath_preview.pdf
Description: "This tutorial will discuss how memory breakpoints work and how to use them for you own loaders. It's an ideal prosecution of the already published Beginner's Tutorial #8 [1], where I already covered hardware and software breakpoints quite extensively (at beginner's level of course)."
Also listed in: Windows Internals Articles, Windows Tool Articles, Windows Unpacking Articles
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Using OllyDbg as an API logger
Rating: 0.0 (0 votes)
Author: arebc                        
Home URL: http://www.woodmann.com/forum/showthread.php?13706-How-can-I-learn-to-make-an-auto-unpacking-script-for-programs-I-have-unpacked&p=86997&viewfull=1#post86997
Last updated: June 25, 2010
Version (if appl.):
Direct D/L link: N/A
Description: To use Ollydbg as an api logger right click > search for > All Intermodular Calls > right click on the calls > Set Log Breakpoint on every command > Select option to Log Value of expression on Condition.
Also listed in: Windows Reversing Technique Tidbits, Windows Tool Tidbits
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: Visual Debugging with IDA - The Interactive Disassembler
Rating: 0.0 (0 votes)
Author: TiGa                        
Home URL: http://www.woodmann.com/TiGa/
Last updated:
Version (if appl.):
Direct D/L link: http://www.woodmann.com/TiGa/videos/TiGa-vid1.htm
Description: This video tutorial will introduce the visual debugging feature available on IDA Pro.
Also listed in: Windows Tool Tutorials, Windows Unpacking Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)



Item name: x64 Disassembling Primer and fixing obfuscated APIs
Rating: 0.0 (0 votes)
Author: TiGa                        
Home URL: http://www.woodmann.com/TiGa/
Last updated:
Version (if appl.):
Direct D/L link: http://www.woodmann.com/TiGa/videos/TiGa-vid5.htm
Description: This video tutorial will teach you disassembly under x64 as well as fixing obfuscated API.
Also listed in: Windows Internals Tutorials, Windows Tool Tutorials, Windows Unpacking Tutorials
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)




RSS feed Feed containing all updates and additions for this category.

RSS feed Feed containing all updates and additions for this category, including sub-categories.


Subcategories

There are 4 subcategories to this category.




No items can be added directly to this category, please rather select one of its sub-categories above to submit an item!

Views