Leaderboard

The tool created with love for all RCE community. If you have any feedback bug repport share it here...

2025.10.15 — x86/x64 v3.5.1.3 1.Patch customization: added a batch of hijack DLLs and you can configure hijack modules on the "Custom Patch Settings" page. Patches can now bundle custom files — non-PE files will be extracted to the target directory together with the patch, while other files can be optionally extracted. Patch data in the cracking modules PYG/PYG64 now supports dynamic expansion. 2.Added a small utility: “Process Hijack DLL Detector” — provides a closed loop from detecting usable hijack DLLs → generating a hijack DLL project → adding that custom hijack module into a patch. 3.The hijack code generator is now compatible with the latest VS2022; fixed intermediate directory settings. 4.When the patch logo popup is closed, the target application's main window is brought to the foreground. 5.The main program now generates a dump file when it crashes. 6.Fixed compatibility issues with VMP 3.x and several bugs — thanks to csjwaman and 真小白 for their bug reports. 7.Added tooltip (tip bubble) support on UI controls so full text can be displayed. 8.Thanks to KuNgBiM and 红豆 for providing multilingual files and proofreading copy. 9.Improved data protection, compatibility, and anti-debugging; thanks to kxoe for the suggestions. 10.Minor UX/details optimizations in the main program — for example, improved prompts when saving bpt projects. Baymax Patch Tools v3.5.1.3.zip Baymax Patch Tools x64 v3.5.1.3.zip Baymax toOls for x64dbg v1.9.5 1. Add replacement function for search data 2. Add feature code option with real-time effect 3. Add more language files Baymax toOls for x64dbg v1.9.5.zip

4n4lDetector 3.0.0 Download: https://github.com/4n0nym0us/4n4lDetector/releases/tag/v3.0 [+] The function search code for "Import Table" and "Call Api By Name" has been optimized. [+] A general optimization has been performed with one of the largest buffers in memory, this positively affects the stability and speed of the general analysis. [+] The size of the file to be analyzed has been increased by default to 50MB. [+] An optimization has been made in the search engine for the "Show Offsets" option and in the handling of buffers. [+] Searches for generic malware terms, different types of exploitation, APTs and terminologies that may affect the State in "4n4l.Rules" have been included. [+] A cleaning of null bytes 0x00 is performed in the variable where the report is stored to avoid bugs in the output of the text box of the main form. [+] The tool interface takes on a darker base tone. [+] A donation button via (PAYPAL) has been included since I have finally decided to continue with the project publicly for everyone. [+] A bug was fixed in which false functions could be included in the "Export Table" list by carving. [+] The Interest's Words module includes new internal words for the tool, for ansi and unicode. [+] A bug in the web view was fixed that could aesthetically affect the view of the Interest's Words module statement. [+] Optimizations were made in the Known IP/Domains module for ansi and unicode. [+] New search syntaxes were included in the "Intelligent Strings" module to increase interesting results. -> Internal cleanup syntaxes were added to show more stylized results. -> An optimization has been made with a direct impact on the variables used in this module. [+] A more selective cleaning of the extracted URLs is performed: -> URLs with extensions in the context of PKI digital certificates are reconstructed. -> Htm extensions are reconstructed. -> ".com" domain endings are cleaned. -> Possible HTML code cleaning is performed. [+] A progression system based on medals has been included. -> Brown Padawan Medal, Bronze Medal, Silver Medal, Gold Medal and Platinum Medal. -> The process can be slow, don't despair... because it's worth it. -> These medals will be earned as you use the tool over the course of days, weeks, months and consequently their functionality will also increase progressively. -> The medals will only work on the work machine on which they have been earned, if you want to make it work on another machine of yours try it yourself (You're a hacker, right?). -> The features or surprises that come with leveling up are not included in this file, although you can review them in the "Settings" section of the tool.

New Version 0.7.5 Published Release Date: 29/07/2025

Registration Opened !

The best loader at all. For packed exe and dll. Moreover it is antivirus friendly !!!! The created loader is not detected by windows defender as a malware or a virus. Thanks to at4re And thanks to our forum members for the sharing

Tested Successfully with Targets Protected by: VMProtect، Themida, EXECryptor, Obsidium, The Enigma Protector....

This thing helped me to play Joker's exe (packaged swf) https://github.com/Aira-Sakuranomiya/CleanFlashInstaller/releases

By clicking on the, "Download this file", button... Ted.

Some times to make patch to DLL file with our tool you need to understand when dll target get unpacked firstly this is the most important, and for that you need to understand the best moment of pointer position in main exe while debugging, our Loader able to detect Static Opcode in Static Stack, if you use this way you can Creat a Strong Loader for your Target EXE or DLL.

New Version 1.10 Published Release Date: 07/09/2025

New Version 0.9 Published Release Date: 06/09/2025 [+] New Checkbox in Options Form - Creat a Loader For Windows XP. Loader Details: [+] Loader Now Full Support Windows XP x32 and x64.

New Version 0.7.7 Published Release Date: 28/08/2025

Hello everyone... The Kaspersky Anti-Virus I use detected a Trojan in this file.

Yes, you need to install trillix swf decompiler. https://cdn.eltima.com/download/flash_decompiler.exe Regards. sean.

Version : 0.0.8.3 - ( 1183 / 169 - x64 signatures ) www Last site update : 2024-02-24 https://github.com/ExeinfoASL/ASL/releases/tag/exeinfo Added pack .lzma , .lzma Undetectable , .lzma unpacker config : added [Internet Browset ] change to user path Viewer : added [ Save to File - window log ] fixed VMprotect v3.5+ added : Inno unpacker script view Exe Rippers - save to created Directory : !Rip_exe_{file_name} added overlay detector l + section ovl scan [ Python .Zlib Archive "PYZ" added Function : Detect_BoxedApp_SDK32 Ripper .7z xor FF - fixed , detect crypted 7z v.0.4 in Advanced Installer [ v19.x ] Set Buffer for exe file : 336 MB Lzma packer ( now you can send malware file via gmail ) : exeinfope.exe FileName /plzma - pack file with lzma packer ( 7z compatible ) for many files ( mask files ) : console mode - exeinfope.exe FileName* /plzma - pack file with lzma packer Lzma unpacker : exeinfope.exe FileName /ulzma - unpack file with lzma packer ( 7z compatible ) for many files ( mask files ) : console mode - exeinfope.exe FileName* /ulzma - unpack file with lzma packer update Obsidium v1.5 - 1.8.2.2 added detector for DLL 32bit : [ plugin for : AutoPlay Media Studio ] v8.5 http://www.indigorose.com added detector for DLL 64bit : [ .PYD Python C Extensions library ] added console mode : unpack all exe files and Inno script from InnoSetup installer ( work only if you don't have installed Inno Extractor - Exeinfo Pe internal unpacker ) parameter example : exeinfope.exe file_name /unp-inno-exe added Skater v24.2.0.51 2024 ( protected DLL still not detected ) Delphi version resolver Added ( not 100% ) : Delphi XE7 - v10.4 , Delphi v10.4 Sydney , Delphi v10.4 Rio , Delphi v11.0 Alexandria , Delphi v12 Yukon , Delphi v10.2 Tokyo , Delphi v10.1 Berlin added Config GUI : Wow64 redirect added [Internet Browset ] change to user path added Inno extractor - view inno script added to NOT EXE - .7z 7-ZIP Archive v.0.4 [ AES - detected - password required ] [ Mode : DEFLATE ] [ Mode : P7Z_BCJ ] [ Mode : LZMA:21 BCJ ] added detector for protected 7zip : Ripper don't ripp "protected .7z archives by CryptoNickSof" but Exeinfo PE detect it ! and others ...

Download works fine. MD5 checksum should look like this... Tuts_4_You_UnpackMe_Collection_(2016).rar : ebbc1fe726986f9d8f1e1ca1c3a08c67 Ted.

Firstly You Must Set Hardware Breakpoints on your Target address (where you want to make changes) Then You Must Break on System DLL Entry (For Identify the last Loaded DLL Before The Pointer Stop on your Target address) Finally Set Memory Breakpoint on Write at .data Section of your main EXE Here we Go Like Last Example: Our DLL Befor Stop at our address is: wsock32.dll Next Step Restart Target and Finding Static Opcode in Static Stack and check our DLL Target Code if Unpacked Summary: main:0002064F:10:0; tgsdk.dll:00006310:00:0; tgsdk.dll:00006638:74:0When Our Loader Loop Checking First Byte of RVA 1 in Stack and when Checking is OK, That means EIP is running in 004012EC, and our Target DLL is unpacked and ready to write the Loader Data. I hope This Tuto Can Help Greetings AT4RE

Here is an Example: DLL Protected By: ASProtect v2.x Static Opcode in Static Stack: Result: Test Files With ATPL Project & Loader: https://mega.nz/file/HZwxhA7J#aTuTBmfXkWbuGiMWaBhPTJpOfcoJsIB9jGDBkycilww Greetings AT4RE

Thank you, m!x0r. The version 1.8 you released is now free of the issues with my Kaspersky Anti-virus. I've tried a scan and there are no more False or True alarm issues. Thank you again for your hard work.

what maximum number of hijacking dll?If i added 28 dll and make hijack patch-its loaded empty

Thank you for sharing. These tools are beneficial for the development of AI in the future. AI GENERATOR PATCH HOOK .DLL can simply write commands and automatically specify patch points through AI decryption calculations. I just write commands and AI can patch points in whatever I want everything. In the world of the future, human thoughts will be embedded within AI intelligence. It will be extremely smart, with everything gathered from the ideas of people around the globe. Our work will become easier and it will continue to evolve for the benefit of all humankind.

Use DLL tracer then try 5 last dll name in wait lib feature or increase loader timer delay between 2000000-5000000

v.0.0.9.1 exeinfope.zip

Best tool I like I tested some of the target working well

A very good tool for patching !!!!

YES! 9.1 GA (find it here as a torr) 90beta is buggy

https://github.com/ExeinfoASL/ASL/releases v.0.0.9.0

New download link: https://workupload.com/file/msCSm45zjQm Download link working fine, in my test.

release 1.42 +support x86 injection(LdrLoadDll) +fix bug(load patch file) Remote Process Injector1.42.rar

0.0.8.7 Beta II ExeinfoPe_0087_Beta_II.zip

@4n0nym0us have you tried updating and attaching the latest file here? Ted.

4n4lDetector 2.9.0 Download: https://github.com/4n0nym0us/4n4lDetector/releases/tag/v2.9 [+] New logo of the application by Sandra Badia Gimeno (www.sandrabadia.com). [+] Relocated Kernel-mode functions to the Suspicious Functions section. [+] Surprises are included so you don't get bored with daily use of the tool. [+] A multitude of tests were carried out focused on providing the greatest stability, speed and effectiveness of the extracted contents. [+] Optimization during idle state. File creation checks are no longer performed for the PECarve and UPX functionalities. [+] Detection of sections that allow writing from flags was included. [+] The extraction of functions from the "Export Table" using Carving has been slightly improved. [+] The name of the file under analysis has been included in the content of the report. [+] Added a longer description about the possibilities of the Zombie_AddRef function. [+] Fixed a bug where the "Show Offsets" tool dump did not allow reading a small portion of the end of the analyzed file. [+] Now when you click on the Virustotal result in the main form, it will take us to the analysis web page. [+] Virustotal analysis has been included in the analyzes carried out from console mode. [+] Review of Shikata_ga_nai detections and update of Payload detection heuristics. [+] Increased and improved the query extraction functionality of the ASCII and UNICODE records branch. [+] Increased and improved the ASCII and UNICODE SQL query extraction functionality. [+] Increased and improved URL extraction functionality, also searches FTP and SFTP in ASCII and UNICODE. [+] Increased and improved ASCII and UNICODE file name extraction functionality. -> .EXE, .DLL, .BAT, .VBS, .VBE, .JSE, .WSF, .WSH, .PS1, .PSM1, .PSC1, .SCR, .HTA, .DLL, .PIF, .MSI , .MSP, .SYS, .CPL, .JAR, .TXT, .INI, .PDF, .WDS, .DOC [+] The word finder has been completely delimited for any search location of the text boxes. -> In web view the browser is now automatically blocked. [+] Fixed a rare error in the IPs section that could lead the execution thread to a loop without finishing analyzing the files. -> This fix also fixed the ability to end analysis with a single active option in the tool's modules panel. [+] The 4n4l.rules module now internally converts text format rules "T:" to Unicode format. -> The rules of this file have been optimized, now search more with less. [+] The bytes to be reviewed at the Entry Point by the rules file are increased from 100 to 1500. -> Revised some of the rules to eliminate false positives after the update. [+] The reading of the rule files is done only once after starting the application or after the first analysis, then it is loaded into memory for future uses. -> The charging status can be checked from the "Settings" section. [+] Added the tilde (~), the dollar ($), the single quote (') and the double quote (") as characters that can be part of the reports. -> A conversion filter is applied to these quotes for the tool's Web view. [+] Worked on the efficiency of the "Intelligent Strings" module. -> The length of strings to be analyzed was increased in all the Strings functionalities of the tool (75% longer strings). -> Specific cleanup of anomalous characters is now performed and new ones are allowed. -> Search words were extended. [+] Added a graph in charge of displaying the content of the executables and any analyzed files. -> The executable header is displayed in blue. -> The identified sections are divided between magenta for the executable sections and black for the rest. -> The excess code of the executables will have a red color as in Crypters, Binders, Joiners... -> If the analyzed section contains an RSize of zero, its content will not be painted on the graph. -> If the file is not a Windows executable, it will be scanned for printable characters and the absence of printable characters. Blue and black when there is no content. -> When you double click on the graph, it will automatically be saved in the analysis folder. -> The executions measure the console mode of the application "-TXT", "-HTML" or "-GREMOVE" include the graph as analysis output.

Excellent work. baby malibu

yeah, smth is not good maybe it works only on Win XP? its 20 years old... this is all I see - does not start to play

Download from here: https://down.52pojie.cn/Tools/Patchers/

@Teddy Rogers Many thanks for sharing it. Regards. sean.

Is there a detailed tutorial for this somewhere?

There is adobe debug flash player that will help you play lena151 videos h****://www.adobe.com/support/flashplayer/debug_downloads.html

Since flash is killed and lena151 tuts are in flash here is quick help to open the files https://drive.google.com/drive/folders/1lmqCzf2vNoddp70wrWBKS_GS7iPLD-RN?usp=sharing

https://github.com/daddesio/ollydbg-address-shortcuts/releases/tag/2018-03-23 compiled

Here you can find https://easyupload.io/77c2v9

By seeing the number of imports on your screenshot and the ollydbg.exe in upper case i would guess you tried this on ollydbg v1.10, not on ollyv2 The description don't mention it here but that thing is for v2, if you look inside the readme of the archive, it says (in french) that the code has been rewrote for olly 2. So try with v2, or recompile the dll for v1. Also i'm checking the src and this can really be improved more. Especially for the v2 as if you rename ollydbg.exe to blabla.exe, then it will look for blabla.ini, but OllyPath2 will create only 'ollydbg.ini' as this string is in hard inside.

just delete the PuntosMagicos

This was the time I was active, did dongles and stuff, compare with now, that was easy, I did now the rocky4 and set on all the switches of the program flow. it is quite fun, attacking the dongle does not work well, emulating is fun. I had the first computer in 1989 a dos, 20 Mb harddisk, yes these costs mony that time, and much more the cd C:\ was not possible, are real tekst machine, not more. Hardisk was in that time 2160 gulden, for 20Mb.

thanks for the cool fonts

Hidden part, for fun: Run the intro, open a memory editor like Cheat Engine, and set '42A674' to 2. (4 byte value)

The osdm version. found by accident..thinking it said Napalm... PACE_Napalium.exe

v1.1 Plugin menu not appear. after applied folder seting from also not working after restart. it resets the path OllyDBG.ini.