Tuts 4 You

Tools & Utilities

Numerous RCE related tools and utilities...

48 files

  1. asm2op

    This is a really simple tool.
    Actually, I coded it only for me,
    and this app is written in FreeBASIC.

    1,160 downloads

    0 comments

    Submitted

  2. API Addresses Finder...

    A tool to retrieve API addresses.

    2,305 downloads

    0 comments

    Submitted

  3. Jump to Hex Converter

    Another tool to convert asm jumps to opcodes...

    1,570 downloads

    0 comments

    Submitted

  4. Strong.Name.Helper.v1.7-whoknows-pass-bs.7z

    Bundle of .NET tools!
    The development ended @ 2012 with v1.7. Main reason is to defeat strong name validation, on the other hand third party tools merged!
    ACorns.Hawkeye
    Is the only .Net tool that allows you to view, edit, analyze and invoke (almost) any object from a .Net application. Whenever you try to debug, test, change or understand an application, Hawkeye can help.
    CFF Explorer-NTCore
    Designed to make PE editing as easy as possible, but without losing sight on the portable executable's internal structure.
    HwndSpy-dp0
    Is an invaluable tool for developers doing maintenance on GUI applications, where they first need to understand the windows hierarchy and how the windows are structured.
    HxD-Mael Horz
    Is a carefully designed and fast hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size.
    Mono.Cecil-Evain
    Is a library to generate and inspect programs and libraries in the ECMA CIL format.
    Procmon-SysInternals
    Is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity.
    Resource2+4-fish
    Is a utility to easily refresh embedded resources in a .NET assembly. ResX Schema(*.resX), Embedded Resource(*.resources), Import/Export/View/Edit/Translate embedded resources,  Text/Icon/Bitmap/Cursor/String/ImageListStreamer/PinnedBufferMemoryStream (v4)...
    SysTracer-blueproject
    Is a system utility tool that can scan and analyze your computer to find changed (added, modified or deleted) data into registry and files.
    de4dot-0xd4d
    Is an open source .NET deobfuscator and unpacker written in C#.

    Assembly_Resigner-CodeCracker
    HeaderFixer-CodeCracker
    NR_Bad_Net_Opcode_Remover-CodeCracker
    StrongName_Killer-CodeCracker
     
    Password to extract is bs
     
     

    2,111 downloads

    0 comments

    Updated

  5. Real & Virtual Addresses (R.V.A)

    1- Gives some info about a program's PE and sections !!
    2- Converts Virtual to Real and Real to Virtual Offset !!

    3,211 downloads

    0 comments

    Submitted

  6. Mouse Key Swapper

    hey guys
    maybe you've read my post about this one
    but I thought maybe it's useful for you guys
    I'm a big fan of VB :F so it's coded in that
    language ^^



    FOX

    582 downloads

    0 comments

    Submitted

  7. Funny x_dbg Text Patcher

    I was bored and tired of being reminded that I was wasting my life.
    Here is a simple text patcher for x32dbg and x64dbg. Just drop the patcher in your x32 and x64 folders and run it.
    Thanks!

    356 downloads

    0 comments

    Updated

  8. PPEE (puppy)

    This is a professional PE file explorer that lets you dig into all data directories available in the PE/PE64 file and edit them.
    Export, Import, Resource, Exception, Certificate(Relies on Windows API), Base Relocation, Debug, TLS, Load Config, Bound Import, IAT, Delay Import and CLR are supported.
    Two companion plugins are also provided. FileInfo, to query the file in the well-known malware repositories and take one-click technical information about the file such as its size, entropy, attributes, hashes, version info and so on. YaraPlugin, to test Yara rules against the opened file.
    Puppy is robust against malformed and crafted PE files which makes it handy for reversers, malware researchers and those who want to inspect PE files in more details.
    Puppy is free and tries to be small, fast, nimble and friendly as your puppy!
     
    Website: https://www.mzrst.com/

    1,620 downloads

    0 comments

    Updated

  9. TrayNote 1.2

    TrayNote is a simple tray app to make your life easier when you want to take notes. When programming/reversing/anything, I generally have loads of windows open. Obviously when I want to take notes/make a todo list or anything, it's difficult to have another window open, and have to be searching the taskbar for it. This app hides in the system tray, so all you have to do is click the icon, and you have a mini notepad, that can hide again in a moment's notice!

    Any other info you'll need is in the Readme



    !! Please note that you MUST merge the TrayNote.reg file to your registry before trying to launch TrayNote - otherwise it will fail to start. !!



    Coded this in Delphi.

    Hope ya'll enjoy it!


    ====

    NEW VERSION 1.20
    on 25th of May 2009!

    Changelog:

    TrayNote Version 1.2
    |
    |-> Complete 25th May 2009
    |-> Fixed bug where the scrollbar would fail to work when the user expanded the window with the >> button
    |-> Fixed bug where Ctrl+A wouldn't select all in the textbox
    |-> Fixed bug where the popup menu from the system tray icon wouldn't disappear unless an item was selected
    |-> Added "Settings" form
    |-> Added options to...
    |-> Set colours of Form, Titlebar, TextBox
    |-> Set fonts of Titlebar, Textbox
    |-> Set transparency/opacity of form
    |-> Set keyboard shortcut to show TrayNote
    |-> TrayNote Automatically saves all of these settings
    |-> Added feature allowing TrayNote to move around the screen, and its position is automatically saved
    |-> Added feature that TrayNote remembers the file it's working on, and the "Save" button now saves straight to this file
    |-> Fixed bug where TrayNote's opacity options would not be reflected until TrayNote was restarted

    942 downloads

    0 comments

    Updated

  10. Dec-Hex-Char

    Conversion in any way.

    Version 0.3 available in support topic

    1,149 downloads

    0 comments

    Updated

  11. API Function Fetcher

    This tool simply gets the hardcoded address of Windows APIs. I wrote it for me but thought someone else might use it. It does essentially the same thing as the SnD API tool; I wish I had seen that before I wrote this one. Coded in MASM, full source included, modify as you like.

    959 downloads

    0 comments

    Submitted

  12. Strong Name Helper

    Bundle of .NET tools!
    Main reason is to defeat strong name validation, on the other hand third party tools merged!
    ACorns.Hawkeye
    Is the only .Net tool that allows you to view, edit, analyze and invoke (almost) any object from a .Net application. Whenever you try to debug, test, change or understand an application, Hawkeye can help.
    CFF Explorer-NTCore
    Designed to make PE editing as easy as possible, but without losing sight on the portable executable's internal structure.
    HwndSpy-dp0
    Is an invaluable tool for developers doing maintenance on GUI applications, where they first need to understand the windows hierarchy and how the windows are structured.
    HxD-Mael Horz
    Is a carefully designed and fast hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size.
    Mono.Cecil-Evain 
    Is a library to generate and inspect programs and libraries in the ECMA CIL format.
    Procmon-SysInternals
    Is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity.
    Resource2+4-fish
    Is a utility to easily refresh embedded resources in a .NET assembly. ResX Schema(*.resX), Embedded Resource(*.resources), Import/Export/View/Edit/Translate embedded resources,  Text/Icon/Bitmap/Cursor/String/ImageListStreamer/PinnedBufferMemoryStream (v4)...
    SysTracer-blueproject
    Is a system utility tool that can scan and analyze your computer to find changed (added, modified or deleted) data into registry and files.
    de4dot-0xd4d
    Is an open source .NET deobfuscator and unpacker written in C#.

    Assembly_Resigner-CodeCracker
    StrongName_Killer-CodeCracker

    726 downloads

    0 comments

    Updated

  13. Delphi Tool Version 2.00

    At last, it's here! xD
    Sorry about the delay, but I had other stuff going on...so yeh. It's here now. Hope it was worth the wait!


    Delphi Tool
    Version 2.00

    Code + GFX by RaptoR of Team iNFECTiON

    -

    Details:

    Description: This tool was originally just a String Splitter for Delphi, but after a few suggestions to expand it, I have. It now comprises of:
    Delphi String Splitter
    Delphi String Unsplitter
    String To Charcode Converter
    Charcode to String Converter
    Table Extractor
    Array Maker
    Source Cleaner
    ASCII Table Viewer

    The string splitter module splits up strings into more manageable blocks. It is very handy for cutting long strings into ones that Delphi can handle (as you know, the maximum length of a string in Delphi is 255 characters. This can be annoying when using long strings, when for example working with encryption schemes). It is also handy for simply tidying up long code.

    The string unsplitter module does the reverse of the string splitter module, and concatenates strings that have been split with the string splitter (or by other means) into one.

    The string to charcode converter will convert an entered string into Delphi's character codes. For example "RaptoR" becomes "#82#97#112#116#111#82".

    Charcode to string converter is the opposite of string to charcode. It will convert entered charcodes into strings.

    The Table Extractor is for extracting data from files to be used in your Delphi apps, be it chiptunes, patchdata, whatever.

    The Array Maker does exactly as it says on the tin, and allows you to create arrays quickly and easily. This module was originally coded as a standalone app by my friend Saduff, but he has allowed me to merge it into the Delphi tool. Greetz!

    Source Cleaner... cleans your source. It makes your source easier to read and work through. Coded by KenTheFurry, who has given code and permission to merge it into Delphi Tool. Thank you too!

    The ASCII Table viewer is simply a viewer for a full ASCII table. The table was taken from:
    http://users.physik.fu-berlin.de/~goerz/blog/wp-content/uploads/2008/09/ascii.gif




    Format/Type: EXE/Tool
    Size: 276kb
    SHA-1 of Archive: 118D598F90FCCD4CA6F69A7B8972653CD2FF9AFE
    Screenshot attached.

    -

    If you have any ideas, bug reports, or suggestions for Delphi Tool, please PM me - or post on the release thread of the tool.



    - RaptoR

    3,501 downloads

    0 comments

    Updated

  14. ScyllaHide

    ScyllaHide is an advanced open-source x64/x86 usermode Anti-Anti-Debug library. It hooks various functions in usermode to hide debugging. This tool is intended to stay in usermode (ring3). If you need kernelmode (ring0) Anti-Anti-Debug please see TitanHide https://bitbucket.org/mrexodia/titanhide.

    ScyllaHide supports various debuggers with plugins:

    - OllyDbg v1 and v2 http://www.ollydbg.de
    - x64_dbg http://x64dbg.com or https://bitbucket.org/mrexodia/x64_dbg
    - Hex-Rays IDA v6+ https://www.hex-rays.com/products/ida/
    - TitanEngine v2 https://bitbucket.org/mrexodia/titanengine-update and http://www.reversinglabs.com/open-source/titanengine.html

    PE x64 debugging is fully supported with plugins for x64_dbg and IDA.

    Please note: ScyllaHide is not limited to these debuggers. You can use the standalone commandline version of ScyllaHide. You can inject ScyllaHide in any process debugged by any debugger.

    More information is available in the documentation: https://bitbucket.org/NtQuery/scyllahide/downloads/ScyllaHide.pdf

    Source code license:
    GNU General Public License v3 https://www.gnu.org/licenses/gpl-3.0.en.html


    Special thanks to:

    - What for his POISON Assembler source code https://tuts4you.com/download.php?view.2281
    - waliedassar for his blog posts http://waleedassar.blogspot.de
    - Peter Ferrie for his PDFs http://pferrie.host22.com
    - MaRKuS-DJM for OllyAdvanced assembler source code
    - MS Spy++ style Window Finder http://www.codeproject.com/Articles/1698/MS-Spy-style-Window-Finder

    4,545 downloads

    0 comments

    Updated

  15. Imports Fixer - Legacy Archives

    This is a complete collection of public and private builds of Imports Fixer (mainly a collection of private builds). I am uploading all of these for posterity reasons before they are deleted and for those people who like to look over this stuff.
    Most of these old builds will not work on modern Windows OS's and IF is no longer being developed so do not expect them to function correctly.
    If you need to use an imports fixer I suggest turning to a publicly accessible imports builder such as Scylla. It is more feature complete, supports modern OS builds and is open source - so you can fix any bugs.
    In advance of questions regarding IFv1.7, this version was never completed and no private builds were released. Version 1.6 is where all the fun ended...
    Ted.

    765 downloads

    0 comments

    Updated

  16. HexDec

    Converter Hex-Dec-Bin-Chr and calculator (Xor,Or,And,Mod,Div,Mul,Shl,Shr)

    0.02 - Added button to clear the input fields.
    p.s.
    If you have any ideas, bug reports, please PM me - or post on the release thread of the tool.

    1,803 downloads

    0 comments

    Updated

  17. mRelease Builder

    A powerful, small and easy tool for creating your releases, with flexible
    support for NFO and DIZ templates and packing them into an archive.

    745 downloads

    0 comments

    Submitted

  18. dirtyJOE

    dirtyJOE - Java Overall Editor is a complex editor and viewer for compiled java binaries (.class files).

    dirtyJOE is free for non-commercial use.

    dirtyJOE is entirely written in C++.

    dirtyJOE is using Python library as a script engine.

    Main features:
    Viewer for: constant pool, methods, fields, attributes
    Editor for: constant pool, bytecode, file header, attributes
    Python scripting for encrypted strings

    Current version: v1.5 (c359)

    Project homepage

    1,699 downloads

    0 comments

    Updated

  19. hookit.zip

    http://code.google.com/p/hookit/

    A tool that automates C++ class wrappers, global function hooking, and dll proxy generation.

    I coded the C++ class wrapper and global function hooking code generation.
    Both the GUI (Nedim Sabic) and the dll proxy generation code (Michael Chourdakis) aren't mine.

    Click on the help button after running hookit.exe for more details.

    I use this tool a lot, so I thought it's time to share it =)
    Enjoy.

    479 downloads

    0 comments

    Submitted

  20. [SCT]Reversers' Calculator

    Reversers' Calculator is a full tool that combines all logical and mathematical operations, and can also convert hexadecimal numbers to binary, decimal (signed/unsigned), octal and string. This tool is very handy for all reversers.

    1,441 downloads

    0 comments

    Submitted

  21. PEFile.rar

    Hi all,

    I created a command-line PE header dump tool which gives you all kinds of information about the PE file.

    Supports both 32 and 64 bit PE files.

    Main tool site link: http://pefile.net

    Tool features:
    File Name.
    MD5 Hash.
    SHA1 Hash.
    NT Offset.
    File Entropy.
    Sections MD5.
    Sections Entropy.
    Overlay Count.
    File-Overlay.
    File Attributes.
    Time Stamp.
    File Version Info.
    Header Information.
    Characteristics information.
    Dll Characteristics.
    Data directory sections.
    Image ConfigInformation.
    Imported DLL List.
    Imported functions from the DLL.
    Stream (ADS) Information.
    Resource Information.
    Supports screen (stdout), text and HTML output.


    Have Fun.

    371 downloads

    0 comments

    Submitted

  22. VA to RVA converter

    Simple utility to help unpackers calculate the RVA of an address.
    The default imagebase is 400000h

    569 downloads

    0 comments

    Submitted

  23. PE-Info

    This application provides information about PE files.
    If you have time, please report any kind of mistake in this application.

    Regards

    732 downloads

    0 comments

    Updated

