Jump to content
Tuts 4 You

Tools & Utilities

Numerous RCE related tools and utilities...

47 files

  1. NuMega SmartCheck

    SmartCheck is a run-time debugging tool that addresses the most problematic conditions encountered by Visual Basic developers:
    Fatal run-time errors that are cryptic and hard-to-solve Problems that result from a sequence of events Incorrect Windows API Usage from Visual Basic Bad values passed to built-in Visual Basic functions Problematic value coercions Errors in components, such as ActiveX controls, used by your program How SmartCheck Works
    As you run a program (EXE), SmartCheck runs in the background monitoring it continuously, and capturing program events and errors. During program execution, you have the option to disable and enable event reporting at will. This allows you to capture information relevant to testing your program, while eliminating the overhead of unnecessary event reporting.
    The information captured by SmartCheck can be viewed in a Program Results window, either during or after running a program. You can also save a session’s log file for later review.
    SmartCheck automatically searches for errors in your program executable as well as the dynamic-link libraries (DLLs), third-party modules, and OLE components used by your program. It can also find errors in programs for which you do not have source code, though we recommend that you have source code with debugging information to maximize error detection and diagnosis.
    SmartCheck checks all API calls, memory allocations and deallocations, Windows messages, and other significant program events for errors such as: 
    Common memory errors, including memory overruns and memory leaks Resource leaks, including Windows-specific handles Windows-specific errors in Win32APIs, ODBC, DirectX, and COM/OLE APIs 

    104 downloads

    0 comments

    Updated

  2. Imports Fixer - Legacy Archives

    This is a complete collection of public and private builds of Imports Fixer (mainly a collection of private builds). I am uploading all of these for posterity reasons before they are deleted and for those people who like to look over this stuff.
    Most of these old builds will not work on modern Windows OS's and IF is no longer being developed so do not expect them to function correctly.
    If you need to use an imports fixer I suggest turning to a publically accessible imports builder such as Scylla. It is more feature complete, supports modern OS builds and is open source - so you can fix any bugs.
    In advance of questions regarding IFv1.7, this version was never completed and no private builds were released. Version 1.6 is where all the fun ended...
    Ted.

    308 downloads

    0 comments

    Updated

  3. Scylla Imports Reconstruction Source

    Scylla - x64/x86 Imports Reconstruction
    ImpREC, CHimpREC, Imports Fixer... this are all great tools to rebuild an import table, but they all have some major disadvantages, so I decided to create my own tool for this job.
    Scylla's key benefits are:
    x64 and x86 support full unicode support written in C/C++ plugin support works great with Windows 7 This tool was designed to be used with Windows 7 x64, so it is recommend to use this operating system. But it may work with XP and Vista, too.
    Source code is licensed under GNU GENERAL PUBLIC LICENSE v3.0
    https://github.com/NtQuery/Scylla
    https://github.com/x64dbg/Scylla
     

    2,549 downloads

    0 comments

    Updated

  4. PPEE (puppy)

    This is a professional PE file explorer that lets you dig into all data directories available in the PE/PE64 file and edit them.
    Export, Import, Resource, Exception, Certificate(Relies on Windows API), Base Relocation, Debug, TLS, Load Config, Bound Import, IAT, Delay Import and CLR are supported.
    Two companion plugins are also provided. FileInfo, to query the file in the well-known malware repositories and take one-click technical information about the file such as its size, entropy, attributes, hashes, version info and so on. YaraPlugin, to test Yara rules against opened file.
    Puppy is robust against malformed and crafted PE files which makes it handy for reversers, malware researchers and those who want to inspect PE files in more details.
    Puppy is free and tries to be small, fast, nimble and friendly as your puppy!
     
    Website: https://www.mzrst.com/

    1,279 downloads

    0 comments

    Updated

  5. Strong Name Helper

    Bundle of .NET tools!
    Main reason is to defeat strong name validation, on the other hand third party tools merged!
    ACorns.Hawkeye
    Is the only .Net tool that allows you to view, edit, analyze and invoke (almost) any object from a .Net application. Whenever you try to debug, test, change or understand an application, Hawkeye can help.
    CFF Explorer-NTCore
    Designed to make PE editing as easy as possible, but without losing sight on the portable executable's internal structure.
    HwndSpy-dp0
    Is an invaluable tool for developers doing maintenance on GUI applications, where they first need to understand the windows hierarchy and how the windows are structured.
    HxD-Mael Horz
    Is a carefully designed and fast hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size.
    Mono.Cecil-Evain 
    Is a library to generate and inspect programs and libraries in the ECMA CIL format.
    Procmon-SysInternals
    Is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity.
    Resource2+4-fish
    Is a utility to easily refresh embedded resources in a .NET assembly. ResX Schema(*.resX), Embedded Resource(*.resources), Import/Export/View/Edit/Translate embedded resources,  Text/Icon/Bitmap/Cursor/String/ImageListStreamer/PinnedBufferMemoryStream (v4)...
    SysTracer-blueproject
    Is a system utility tool that can scan and analyze your computer to find changed (added, modified or deleted) data into registry and files.
    de4dot-0xd4d
    Is an open source .NET deobfuscator and unpacker written in C#.

    Assembly_Resigner-CodeCracker
    StrongName_Killer-CodeCracker

    486 downloads

    0 comments

    Updated

  6. Strong.Name.Helper.v1.7-whoknows-pass-bs.7z

    Bundle of .NET tools!
    The development ended @ 2012 with v1.7. Main reason is to defeat strong name validation, on the other hand third party tools merged!
    ACorns.Hawkeye
    Is the only .Net tool that allows you to view, edit, analyze and invoke (almost) any object from a .Net application. Whenever you try to debug, test, change or understand an application, Hawkeye can help.
    CFF Explorer-NTCore
    Designed to make PE editing as easy as possible, but without losing sight on the portable executable's internal structure.
    HwndSpy-dp0
    Is an invaluable tool for developers doing maintenance on GUI applications, where they first need to understand the windows hierarchy and how the windows are structured.
    HxD-Mael Horz
    Is a carefully designed and fast hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size.
    Mono.Cecil-Evain
    Is a library to generate and inspect programs and libraries in the ECMA CIL format.
    Procmon-SysInternals
    Is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity.
    Resource2+4-fish
    Is a utility to easily refresh embedded resources in a .NET assembly. ResX Schema(*.resX), Embedded Resource(*.resources), Import/Export/View/Edit/Translate embedded resources,  Text/Icon/Bitmap/Cursor/String/ImageListStreamer/PinnedBufferMemoryStream (v4)...
    SysTracer-blueproject
    Is a system utility tool that can scan and analyze your computer to find changed (added, modified or deleted) data into registry and files.
    de4dot-0xd4d
    Is an open source .NET deobfuscator and unpacker written in C#.

    Assembly_Resigner-CodeCracker
    HeaderFixer-CodeCracker
    NR_Bad_Net_Opcode_Remover-CodeCracker
    StrongName_Killer-CodeCracker
     
    Password to extract is bs
     
     

    1,316 downloads

    0 comments

    Updated

  7. Funny x_dbg Text Patcher

    I was bored and tired of being reminded that I was wasting my life.
    Here is a simple text patcher for x32dbg and x64dbg. Just drop the patcher in your x32 and x64 folders and run it.
    Thanks!

    229 downloads

    0 comments

    Updated

  8. CMDH - CMD running in hidden window

    CMDH by Gate2NET
    CMD running in hidden window

    166 downloads

    0 comments

    Submitted

  9. NEW dUP2 - Friendly with antivirus

    NEW dUP2 - Friendly with antivirus
    Password: tuts4you.com

    677 downloads

    0 comments

    Submitted

  10. Scylla Imports Reconstruction

    Scylla Imports Reconstruction

    ImpREC, CHimpREC, Imports Fixer... this are all great tools to rebuild an import table, but they all have some major disadvantages, so I decided to create my own tool for this job.

    Scylla's key benefits are:
    x64 and x86 support
    full unicode support
    written in C/C++
    plugin support (ImpREC plugins are supported)
    works great with Windows 7

    Currently there are only 2 plugins (PECompact, PESpin x64) in this release, full sourcecode for both is included.

    10,035 downloads

    0 comments

    Updated

  11. EASY SNIFFER CREATOR

    hey guys

    i create a program for serial sniff by vb6

    esc features :

    check crc(automatic)
    unicode string
    small size
    background music
    bypass packers

    and .....

    sorry for my english (im persian)

    enjoy it

    867 downloads

    0 comments

    Updated

  12. snr.dup.search.and.replace.patchengine.sourcecode.src

    snr.dup.search.and.replace.patchengine.sourcecode
    ASM Code

    362 downloads

    0 comments

    Submitted

  13. ScyllaHide

    ScyllaHide is an advanced open-source x64/x86 usermode Anti-Anti-Debug library. It hooks various functions in usermode to hide debugging. This tool is intended to stay in usermode (ring3). If you need kernelmode (ring0) Anti-Anti-Debug please see TitanHide https://bitbucket.org/mrexodia/titanhide.

    ScyllaHide supports various debuggers with plugins:

    - OllyDbg v1 and v2 http://www.ollydbg.de
    - x64_dbg http://x64dbg.com or https://bitbucket.org/mrexodia/x64_dbg
    - Hex-Rays IDA v6+ https://www.hex-rays.com/products/ida/
    - TitanEngine v2 https://bitbucket.org/mrexodia/titanengine-update and http://www.reversinglabs.com/open-source/titanengine.html

    PE x64 debugging is fully supported with plugins for x64_dbg and IDA.

    Please note: ScyllaHide is not limited to these debuggers. You can use the standalone commandline version of ScyllaHide. You can inject ScyllaHide in any process debugged by any debugger.

    More information is available in the documentation: https://bitbucket.org/NtQuery/scyllahide/downloads/ScyllaHide.pdf

    Source code license:
    GNU General Public License v3 https://www.gnu.org/licenses/gpl-3.0.en.html


    Special thanks to:

    - What for his POISON Assembler source code https://tuts4you.com/download.php?view.2281
    - waliedassar for his blog posts http://waleedassar.blogspot.de
    - Peter Ferrie for his PDFs http://pferrie.host22.com
    - MaRKuS-DJM for OllyAdvanced assembler source code
    - MS Spy++ style Window Finder http://www.codeproject.com/Articles/1698/MS-Spy-style-Window-Finder

    3,967 downloads

    0 comments

    Updated

  14. Jump Calculator

    This is my own coded jump calculator...
    Coded specially for our team site but i will share it the members on this board.
    It's simple as it is and nothing special. It's a simple jump calculator.
    Fill the fields for "Jump From:" and "Jump To:" with a hex address and press the button "Calculate". Thats all...
    Simple eh?

    grEEtZ iNvIcTUs oRCuS

    553 downloads

    1 comment

    Submitted

  15. Dissecting RC4 - Algorithm

    This application will show you how Algorithm RC4 works

    289 downloads

    0 comments

    Submitted

  16. zwfix.zip

    FIX for ZwQueryObject hang on file objects that have FO_SYNCHRONOUS_IO set.
    There is a "bug" in Win32 that hangs calls to ZwQueryObject and other functions
    when the queried handle has this flag set, as the Syscall is waiting forever.

    Ollydbg suffers from this bug as it reads certain handle informations after it
    hits a breakpoint. This then leads to a freeze of the debugger.
    This plugin tries to fix it by hooking the functions

    NtQueryObject (ntdll.dll)
    GetFileType (kernel32.dll)

    that get used by olly, which can cause the lockup and let them process the
    queries in a seperate thread with a timeout of 1sec. If the call hangs, an error
    is returned to Olly and the debugger doesn't freeze anymore.

    216 downloads

    0 comments

    Submitted

  17. REPT Patch Engine

    Hello everyone!

    I made a new utility for Team Rept called "REPT Patch Engine". As it name says, this patch engine provides you an easy to use interface to make different types of patch in one single executable. Currently it has 3 types of patching method:
    Hex Editor (Offset Patch)
    File Export
    Registry Patch

    This utility is made on .NET. I did NOT put any credit of "Created with REPT Patch Engine" because I wanted to make a new patch engine useful.

    Things to update for next versions:
    Compare files to see the offset of cracked and original file. DONE!
    Add custom skin

    If you need another thing to put on the patch tell me

    I hope you like it and it could be interesting to use. Fell free to use as you want.

    LordCoder

    1,233 downloads

    0 comments

    Updated

  18. REPT KeyGen Maker

    REPT KeyGen Maker is an utility to make keygens easily without having a programming knowledges.
    Please report any bug/improve to make it better

    This is currently done in .NET so will need .NET Framework 3.5 or higher.
    Thanks for download it!

    3,343 downloads

    2 comments

    Updated

  19. Liquid Crack Generator 2

    My very old generic crack generator. Supports skins, music and text scroller by your choice.

    - What does "generic" means?
    - It does not only patch concrete offsets but it's trying to find the same segments into the target app so it might be newer version of the app but the same parts of the code might exist so it cracks them.

    It's very old, I'm uploading it just to share it but if you feel it useful feel free to use it.

    998 downloads

    1 comment

    Submitted

  20. PE-Info

    This application provide information about PE File.
    If you have time, please report any kind of mistake in this application.

    Regards

    521 downloads

    0 comments

    Updated

  21. Offset Converter

    Converting Offset to RVA and VA.

    626 downloads

    1 comment

    Updated

  22. VA to RVA converter

    Simple utilty to help unpackes calculate the RVA of a adress.
    The default imagebase is 400000h

    408 downloads

    0 comments

    Submitted

  23. PE Location Calculator

    This is a simple utility to convert between ImageBase, VA, RVA & File offset

    689 downloads

    2 comments

    Submitted

  24. PEFile.rar

    Hi all,

    i created a command line pe header dump tool with gives you all kind of information about the PE file.

    Support both 32 and 64 bit PE files.

    Main tool site link: http://pefile.net

    Tool features:
    File Name.
    MD5 Hash.
    SHA1 Hash.
    NT Offset.
    File Entropy.
    Sections MD5.
    Sections Entropy.
    Overlay Count.
    File-Overlay.
    File Attributes.
    Time Stamp.
    File Version Info.
    Header Information.
    Characteristics information.
    Dll Characteristics.
    Data directory sections.
    Image ConfigInformation.
    Imported DLL List.
    Imported functions from the DLL.
    Stream (ADS) Information.
    Resource Information.
    Support Screen (stdout), Text and HTML output.


    Have Fun.

    233 downloads

    0 comments

    Submitted

  25. hookit.zip

    http://code.google.com/p/hookit/

    A tool that automates C++ class wrappers, global function hooking, and dll proxy generation.

    I coded the C++ class wrapper and global function hooking code generation.
    Both GUI (Nedim Sabic ) and dll proxy generation code (Michael Chourdakis) aren't mine.

    Click on the help button after running hookit.exe more details.

    I use this tool a lot, so i thought it's time to share it =)
    Enjoy.

    419 downloads

    0 comments

    Submitted


×
×
  • Create New...