Find content
Main difference between v0.6 is the more powerful disassembler. Can be accessed via Misc -> Disassembler. Try right click -> Follow...
- Viewing Profile: Topics: Aguila
Community Stats
- Group (Full Member)
- Active Posts 279
- Profile Views 3,886
- Member Title Addict
- Age Age Unknown
- Birthday Birthday Unknown
-
Gender
Male
Previous Fields
-
Country
European Union
Contact Information
Topics I've Started
Version 0.7 Beta
06 May 2012 - 01:24 PM
This is the last version for at least a week now, I promise
Main difference between v0.6 is the more powerful disassembler. Can be accessed via Misc -> Disassembler. Try right click -> Follow...
Main difference between v0.6 is the more powerful disassembler. Can be accessed via Misc -> Disassembler. Try right click -> Follow...
PE file scanner with collaboration system
01 April 2012 - 12:55 PM
I have an idea for a new project. Please tell me what you think about it.
You all know PEiD, DIE, exeinfope, ProtectionID, Fast Scanner, DNiD, and so on. File scanner help to detect a protection system. But they all have a problem: no updates, not open source.
Here is probably a solution to create the best tool.
Client:
A C/C++ program with easy GUI similiar to PEiD, without any crap features you don't ever need (like you can find in PID). The signatures are stored in a real database (not some stupid txt file!): SQLite. The program can download updates from a web portal. Should support every file type.
Web portal:
A collaboration system. Every user can add signatures to the database. If only a few user add once a week a signature, the database will grow and the tool is always up to date. There is a easy login system with rating system to ensure some quality. The web portal should be coded in PHP with a mysql database, so it can be hosted everywhere even with free hosters. I already created a simple database draft (see attachment). Doesnt need much explaination I think. Signatures FileType can be ANY_FILE, DLL_32BIT, ARM, DOTNET, EXE_32BIT, and so on. Just a simple web portal with CRUD operations.
Of course everything should be open-source. I can help with the client, but I can't code the web portal (lack of php/html/css skills). What do you think?
You all know PEiD, DIE, exeinfope, ProtectionID, Fast Scanner, DNiD, and so on. File scanner help to detect a protection system. But they all have a problem: no updates, not open source.
Here is probably a solution to create the best tool.
Client:
A C/C++ program with easy GUI similiar to PEiD, without any crap features you don't ever need (like you can find in PID). The signatures are stored in a real database (not some stupid txt file!): SQLite. The program can download updates from a web portal. Should support every file type.
Web portal:
A collaboration system. Every user can add signatures to the database. If only a few user add once a week a signature, the database will grow and the tool is always up to date. There is a easy login system with rating system to ensure some quality. The web portal should be coded in PHP with a mysql database, so it can be hosted everywhere even with free hosters. I already created a simple database draft (see attachment). Doesnt need much explaination I think. Signatures FileType can be ANY_FILE, DLL_32BIT, ARM, DOTNET, EXE_32BIT, and so on. Just a simple web portal with CRUD operations.
Of course everything should be open-source. I can help with the client, but I can't code the web portal (lack of php/html/css skills). What do you think?
Version 0.6 Beta
15 March 2012 - 07:29 PM
Here is a new beta version of Scylla. Please test it.
Changelog:
- Dump memory feature
- Bugfixes
- Many core and source code improvements
Beta 3:
http://forum.tuts4yo...post__p__135322
Changelog:
- Dump memory feature
- Bugfixes
- Many core and source code improvements
Beta 3:
http://forum.tuts4yo...post__p__135322
Prove: Other import tools don't work correctly with Win 7
22 October 2011 - 03:59 PM
I created this thread because of this thread: http://forum.tuts4yo...ction-question/
Some beginner still think that ImpREC works on Windows 7, this is simply not true. Here is a prove screenshot. The test application is a simple C++ application not packed/protected. Scylla is the only tool which can rebuild the IAT correctly.
I guess this doesn't need any explanation just see for yourself.
(Download the .zip for better resolution)
Some beginner still think that ImpREC works on Windows 7, this is simply not true. Here is a prove screenshot. The test application is a simple C++ application not packed/protected. Scylla is the only tool which can rebuild the IAT correctly.
I guess this doesn't need any explanation just see for yourself.
(Download the .zip for better resolution)
Version 0.5 final
17 October 2011 - 08:46 PM
I'm proud to present the new version 0.5 of Scylla. Killboy helped a lot, many thanks to him.
A lot of bugs are fixed, many gui improvements, keyboard support, etc.
The highlight is probably the multi-select support and the save/load tree feature. E.g. select some imports with the mouse and delete them with the "DEL" key on your keyboard.
ImpREC export/import tree support will not be added, because the ImpREC format is not really comfortable. The Scylla import/export format is xml based and it is really easy to read and edit this file.
(in the menu: Imports -> Save/Load Tree, buttons on main dialog removed)
Download 0.5:
http://forum.tuts4yo...reconstruction/
A lot of bugs are fixed, many gui improvements, keyboard support, etc.
The highlight is probably the multi-select support and the save/load tree feature. E.g. select some imports with the mouse and delete them with the "DEL" key on your keyboard.
ImpREC export/import tree support will not be added, because the ImpREC format is not really comfortable. The Scylla import/export format is xml based and it is really easy to read and edit this file.
(in the menu: Imports -> Save/Load Tree, buttons on main dialog removed)
Download 0.5:
http://forum.tuts4yo...reconstruction/
- Viewing Profile: Topics: Aguila
- Privacy Policy
- The Board Rules ·
