Tools & Utilities
Numerous RCE related tools and utilities...
56 files
-
![More information about "[SCT]Reversers' Calculator"](https://forum.tuts4you.com/screenshots/monthly_12_2010/thumb-e5fab565b7bef29ed571ed74628ac73b-revcalc.jpg)
[SCT]Reversers' Calculator
By bluedevil
Reversers' Calculator is a full tool that combines all logical and mathematical operations, also can convert hexadecimal numbers to binary, decimal(signed/unsigned),octal and string. This tool is very handy for all reversers.
1,694 downloads
0 comments
Submitted
-
4n4lDetector
By 4n0nym0us
This is a scan tool for Microsoft Windows executables, libraries, drivers and mdumps. Its main objective is to collect the necessary information to facilitate the identification of malicious code within the analyzed files. This tool analyzes, among other things, the PE header and its structure, the content of the sections, the different types of strings, among many other things. It also incorporates a multitude of its own ideas to recognize anomalies in the construction of files and the detection of mechanisms used by current malware.
Using the tool is simple, just configure the options in the drop-down panel on the right and drag the samples into 4n4lDetector.
Full support:
- 32 bits (8086, x86, ARMv7)
- 64 bits (AMD64, x86-64, x64, ARMv8)
TI and ET Extraction:
Alpha AXP, ARM, ARM Thumb-2 (32-bit Thumb), ARM64, EFI Byte Code, EFI Byte Code (EBC), Hitachi SH3, Hitachi SH3, Hitachi SH4, Hitachi SH5, Intel i860, Intel Itanium (IA-64), M32R, MIPS16, MIPS16 with FPU, MIPS R3000, MIPS R4000, MIPS with FPU, MIPS little-endian, MIPS little-endian WCE v2, x64, x86, x86-64.
Buttons code:
- Buttons colored green are action buttons that open files and folders or are used to interact with the tool's utilities.
- The buttons colored in red perform reconfigurations, deletion of data or reset of functional files.
- Purple buttons announce the activation of online interactions.
- The pink buttons are shortcut buttons that the tool uses as tabs to navigate between different types of utilities.
Shortcuts:
- [A] Main analysis tab
- [W] Analysis tab in modifiable HTML format for report (WebView)
- [S] Viewer of strings extracted from the parsed file
- [V] Module with the Virustotal report using its API
Detections:
- PE Information
- Unusual Entry Point Position or Code (Algorithms, Anomalous Instructions... )
- Packers
- Compilations
- Binders/Joiners/Crypters
- Architectures
- Possible malicious functions
- Registry Keys
- Files Access
- Juicy Words
- Anti-VM/Sandbox/Debug
- URLs Extractor
- Payloads
- AV Services
- Duplicate Sections
- IP/Domains List
- Config RAT (Only In Memory Dumps)
- Call API By Name
- Unusual Chars In Description File (Polymorphic Patterns)
- Rich Signature Analyzer
- CheckSum Integrity Problem
- PE Integrity Check
- SQL Queries
- Emails
- Malicious resources
- PE Carve
- Exploits
- File Rules for Entry Points and more... 😃
Console Options (Analysis to file):
- 4n4lDetector.exe Path\App.exe -GUI (Start the graphical interface parsing a file from the console)
- 4n4lDetector.exe Path\App.exe -GREMOVE (Remove binary after scan)
- 4n4lDetector.exe Path\App.exe -TXT (Parse a file from the console and the output is written to a TXT file)
- 4n4lDetector.exe Path\App.exe -HTML (Parse a file from the console and the output is written to HTML file)
171 downloads
Updated
-
0 comments
Submitted
-
API Function Fetcher
By LibertyorDeath
This tool simply gets the hardcoded address of windows apis I wrote it for me but thought someone else might use it. It does essentially the same thing as the SnD API tool I wish I had seen that before I wrote this one . Coded in masm full source included modify as you like.
1,137 downloads
0 comments
Submitted
-
asm2op
By Guest
This is a really simple tool
actually i code it only for me
and this app is wriiten in FREEbasic
1,288 downloads
0 comments
Submitted
-
Baymax Patch toOls
By wgz0001
Baymax Patch Tools v3.1.0
Tool description:
Baymax Patch Tools is a hijacking patch making tool that releases a hijacking DLL for the target process to load the function module PYG. Two patching functions are supported.search and replace patch supports feature code search and replace memory data, exception breakpoint patch supports simulating the exception breakpoint function of debugger and modifying register, memory and other data after setting and triggering breakpoint to achieve the purpose of modifying program execution flow and so on.
The tool is protected, antivirus may misreport the tool and patch files! Due to the use of the shell SDK, all components of the tool (including the generated patches) do not contain networking capabilities! The generated patches will not modify any files on the system when running (except for overwriting patch files). The generated patches will not modify any files on the system when running (except for overwriting patch files). The tool itself has a verification mechanism and will load only after the module is successfully verified at startup, but for security reasons, please be sure to download and use it from the official site.
Function introduction:
. support hijacking crack, not modify the file itself
. support for patching processes with dynamic base addresses (ASLR)
. support patching multiple DLL modules of the target process
. support patching different EXEs of the same patch
. support patching the memory data of a process at a specified address
. support for patching processes using feature code matching
. support setting API HOOK decoding for shelled programs before patching data
. support patching data after setting hardware breakpoint interrupt for the process
. support setting exception breakpoints to modify the memory pointed to by registers or registers after interrupting the process
. support setting conditional breakpoints for processes to determine whether to execute Patch according to the number of interrupts, . . . . register or memory values
. support setting different conditional breakpoints for the same address to perform Patch on the interrupts that meet the conditions
. support extracting global variables from assembly instructions to store and modify them
. support for storing data and using stored data during process execution
. support patching the memory pointed to by the memory marker after interrupt
. support basic operations on data after interrupt
. support for reading patch data from ini file
. support to create memory keymaker
. support for creating debug patches to troubleshoot patch problems by yourself
Update:
2023.01.18
x86 v3.1.0
1. Support multi-language function
2. adjusted and optimized the UI, text descriptions, etc. to improve the interactive experience
Download:
https://sourceforge.net/projects/baymax-patch-tools/
1,446 downloads
Updated
-
ByteCode Converter
By SuperJackAbcd
Convert ollydbg,x64dbg binary copy code format to c++ ,c format
CppCLR_WinformsProjekt1.exe
329 downloads
Updated
-
CMDH - CMD running in hidden window
By Ali.Dbg
CMDH by Gate2NET
CMD running in hidden window
571 downloads
0 comments
Submitted
-
0 comments
Updated
-
Delphi Tool Version 2.00
By Raptor.
At last, it's here! xD
Sorry about the delay, but I had other stuff going on...so yeh. It's here now. Hope it was worth the wait!
Delphi Tool
Version 2.00
Code + GFX by RaptoR of Team iNFECTiON
-
Details:
Description: This tool was originally just a String Splitter for Delphi, but after a few suggestions to expand it, I have. It now comprises of:
Delphi String Splitter
Delphi String Unsplitter
String To Charcode Converter
Charcode to String Converter
Table Extractor
Array Maker
Source Cleaner
ASCII Table Viewer
The string splitter module splits up strings into more managable blocks. It is very handy for cutting long strings into ones that Delphi can handle (as you know, the maximum length of a string in Delphi is 255 characters. This can be annoying when using long strings, when for example working with encryption schemes). It is also handy for simply tidying up long code.
The string unsplitter module does the reverse of the string splitter module, and concatenates strings that have been split with the string splitter (or by other means) into one.
The string to charcode converter will convert an entered string into Delphi's character codes. For example "RaptoR" becomes "#82#97#112#116#111#82".
Charcode to string converter is the opposite of string to charcode. It will convert entered charcodes into strings.
The Table Extractor is for extracting data from files to be used in your Delphi apps, be it chiptunes, patchdata, whatever.
The Array Maker does exactly as it says on the tin, and allows you to create arrays quickly and easily. This module was originally coded as a standalone app by my friend Saduff, but he has allowed me to merge it into the Delphi tool. Greetz!
Source Cleaner ...cleans your source It makes your source easier to read and work throught. Coded by KenTheFurry, who has given code and permission to merge it into Delphi Tool. Thank you too!
The ASCII Table viewer is simply a viewer for a full ASCII table. The table was taken from:
http://users.physik.fu-berlin.de/~goerz/blog/wp-content/uploads/2008/09/ascii.gif
Format/Type: EXE/Tool
Size: 276kb
SHA-1 of Archive: 118D598F90FCCD4CA6F69A7B8972653CD2FF9AFE
Screenshot attatched.
-
If you have any ideas, bug reports, or suggestions for Delphi Tool, please PM me - or post on the release thread of the tool.
- RaptoR
3,765 downloads
0 comments
Updated
-
dirtyJOE
By ReWolf
dirtyJOE - Java Overall Editor is a complex editor and viewer for compiled java binaries (.class files).
dirtyJOE is free for non-commercial use.
dirtyJOE is entirely written in C++.
dirtyJOE is using Python library as a script engine.
Main features:
Viewer for: constant pool, methods, fields, attributes
Editor for: constant pool, bytecode, file header, attributes
Python scripting for encrypted strings
Current version: v1.5 (c359)
Project homepage
2,091 downloads
0 comments
Updated
-
Dissecting RC4 - Algorithm
By E33
This application will show you how Algorithm RC4 works
534 downloads
0 comments
Submitted
-
EASY SNIFFER CREATOR
By unknown021
hey guys
i create a program for serial sniff by vb6
esc features :
check crc(automatic)
unicode string
small size
background music
bypass packers
and .....
sorry for my english (im persian)
enjoy it
1,745 downloads
0 comments
Updated
-
Exeinfo PE
By A.S.L
If you need to view information about various EXE files, Exeinfo PE is a small toll that does exactly that. It can analyse EXE files and acquires detailed information about their properties, offering you the possibility to save overlays and create backups.
The application is portable so you don’t need to install it, plus your Windows registry will remain unchanged.
The simple interface has a plain window where you can drag and drop an EXE or DLL file, or load it via the built-in file browser. Then the application will display the file size, file offset, entry point, linker information, EP section, sub-system and overlay. Furthermore, you can also insert HEX data to analyse BIN information.
A section viewer can be opened, where users can see every virtual offset and size, flags, name, RAW data offset and size, first bytes and section status. Header information is also available such as security, debug, exception, T:S table, size of headers, number of directories and so on.
The application can be set to perform a fast scan from the Options menu. Moreover, from the same place, you can configure Exeinfo PE to ignore EXE errors, set it to be always on top, choose the big interface or integrate it into the shell.
Plugins:
https://github.com/ExeinfoASL/plugins
Support Topic:
https://forum.tuts4you.com/topic/8412-exeinfo-pe/1,000 downloads
Updated
-
FastOldskoolCracktroMaker
By JHD
hi
here is a first alphaversion of my oldskoolish cracktromaker
the manual is only german, but i hope u can find how to use it
have fun =)
5,918 downloads
0 comments
Submitted
-
Funny x_dbg Text Patcher
By GNIREENIGNE
I was bored and tired of being reminded that I was wasting my life.
Here is a simple text patcher for x32dbg and x64dbg. Just drop the patcher in your x32 and x64 folders and run it.
Thanks!
613 downloads
0 comments
Updated
-
HexDec
By DonDD
Converter Hex-Dec-Bin-Chr and calculator (Xor,Or,And,Mod,Div,Mul,Shl,Shr)
0.02 - Added button to clear the input fields.
p.s.
If you have any ideas, bug reports, please PM me - or post on the release thread of the tool.
2,209 downloads
0 comments
Updated
-
hookit.zip
By ZeDuS
http://code.google.com/p/hookit/
A tool that automates C++ class wrappers, global function hooking, and dll proxy generation.
I coded the C++ class wrapper and global function hooking code generation.
Both GUI (Nedim Sabic ) and dll proxy generation code (Michael Chourdakis) aren't mine.
Click on the help button after running hookit.exe more details.
I use this tool a lot, so i thought it's time to share it =)
Enjoy.
627 downloads
0 comments
Submitted
-
Import Reconstructor (ImpREC)
By Teddy Rogers
This tool is designed to rebuild imports for protected/packed Win32 executables. It reconstructs a new Image Import Descriptor (IID), Import Array Table (IAT) and all ASCII module and function names. It can also inject into your output executable, a loader which is able to fill the IAT with real pointers to API or a ripped code from the protector/packer (very useful against emulated API in a thunk).
Sorry but this tool is not designed for newbies, you should be familiar a bit with manual unpacking first (some tutorials are easy to find on internet).
2,420 downloads
0 comments
Updated
-
Imports Fixer - Legacy Archives
By Teddy Rogers
This is a complete collection of public and private builds of Imports Fixer (mainly a collection of private builds). I am uploading all of these for posterity reasons before they are deleted and for those people who like to look over this stuff.
Most of these old builds will not work on modern Windows OS's and IF is no longer being developed so do not expect them to function correctly.
If you need to use an imports fixer I suggest turning to a publically accessible imports builder such as Scylla. It is more feature complete, supports modern OS builds and is open source - so you can fix any bugs.
In advance of questions regarding IFv1.7, this version was never completed and no private builds were released. Version 1.6 is where all the fun ended...
Ted.
1,483 downloads
0 comments
Updated
-
Submitted
-
Jump Calculator
By mAStEr pAIn
This is my own coded jump calculator...
Coded specially for our team site but i will share it the members on this board.
It's simple as it is and nothing special. It's a simple jump calculator.
Fill the fields for "Jump From:" and "Jump To:" with a hex address and press the button "Calculate". Thats all...
Simple eh?
grEEtZ iNvIcTUs oRCuS
1,005 downloads
Submitted
-
Jump to Hex Converter
By Teddy Rogers
Another tool to convert asm jumps to opcodes...
1,782 downloads
Submitted
-
Liquid Crack Generator 2
By missinginbytes
My very old generic crack generator. Supports skins, music and text scroller by your choice.
- What does "generic" means?
- It does not only patch concrete offsets but it's trying to find the same segments into the target app so it might be newer version of the app but the same parts of the code might exist so it cracks them.
It's very old, I'm uploading it just to share it but if you feel it useful feel free to use it.
1,586 downloads
Submitted
-
Modules To Pas Converter.zip 517.23 KB
By X-88
convert your extended module files to *.pas
thx to : BeRo & http://un4seen.com
611 downloads
0 comments
Submitted
-
Download Statistics