Leaderboard

A collection of tutorials aimed particularly for newbie reverse engineers. 01. Olly + assembler + patching a basic reverseme 02. Keyfiling the reverseme + assembler 03. Basic nag removal + header problems 04. Basic + aesthetic patching 05. Comparing on changes in cond jumps, animate over/in, breakpoints 06. "The plain stupid patching method", searching for textstrings 07. Intermediate level patching, Kanal in PEiD 08. Debugging with W32Dasm, RVA, VA and offset, using LordPE as a hexeditor 09. Explaining the Visual Basic concept, introduction to SmartCheck and configuration 10. Continued reversing techniques in VB, use of decompilers and a basic anti-anti-trick 11. Intermediate patching using Olly's "pane window" 12. Guiding a program by multiple patching. 13. The use of API's in software, avoiding doublechecking tricks 14. More difficult schemes and an introduction to inline patching 15. How to study behaviour in the code, continued inlining using a pointer 16. Reversing using resources 17. Insights and practice in basic (self)keygenning 18. Diversion code, encryption/decryption, selfmodifying code and polymorphism 19. Debugger detected and anti-anti-techniques 20. Packers and protectors : an introduction 21. Imports rebuilding 22. API Redirection 23. Stolen bytes 24. Patching at runtime using loaders from lena151 original 25. Continued patching at runtime & unpacking armadillo standard protection 26. Machine specific loaders, unpacking & debugging armadillo 27. tElock + advanced patching 28. Bypassing & killing server checks 29. Killing & inlining a more difficult server check 30. SFX, Run Trace & more advanced string searching 31. Delphi in Olly & DeDe 32. Author tricks, HIEW & approaches in inline patching 33. The FPU, integrity checks & loader versus patcher 34. Reversing techniques in packed software & a S&R loader for ASProtect 35. Inlining inside polymorphic code 36. Keygenning 37. In-depth unpacking & anti-anti-debugging a combination packer / protector 38. Unpacking continued & debugger detection by DLL's and TLS 39. Inlining a blowfish scheme in a packed & CRC protected dll + unpacking Asprotect SKE 2.2 40. Obfuscation and algorithm hiding

============================ AT4RE Power Loader v0.1 (Release Date: 26/03/2025) ============================ [+] Console interface [+] Loader Coded in C++ with CRT (big Size: 85 KB when compressed about 190 KB uncompressed). [+] Supports patching single or multiple Relative Virtual Addresses (RVAs). Root Folder Contents: [+] ATPL.EXE (AT4RE Power Loader) [+] Version History.txt ============================ AT4RE Power Loader v0.2 (Release Date: 16/04/2025) ============================ The most powerful loader against strong and hard protectors. It also works with medium-level protectors, packers, compressors, and even unprotected executable files. Main Features: [+] GUI Coded in Borland Delphi 7 [+] From the GUI, you can browse to select the target file (maximum filename length is 255 characters). [+] You can also copy and paste the file name into the input field. [+] Choose between x32 and x64 loader versions. [+] Loader data can be entered only in the format shown in filed or in the screenshot. [+] Set a base timeout in milliseconds (Minimum: 00, Maximum: 9999 — i.e., 9.99 seconds). [+] Set 1-byte opcodes in the Opcode field using HEX characters (Opcode is the Original First Byte of RVA1). [+] Configure Opcode Timeout in milliseconds (Minimum: 00, Maximum: 9999 — i.e., 9.99 seconds). [+] Set the Loader Timer Delay in microseconds (Min: 00, Max: 9,999,999 — i.e., 9.99 seconds). [+] Configure the loader to start as Administrator. [+] Directly pack the loader with UPX. [+] Generate Loader.exe [+] Save or open projects for future use from File menu. [+] Set the GUI to "most on top" from the View menu. [+] Access the official website, report bugs, and find more information via about in the Help menu. Loader Details: [+] Coded in C++ using the Windows Pure API. [+] Loader size is 10 KB uncompressed, and 5 KB when compressed. [+] Supports Windows 7, 8, 10, and 11 (both x32 and x64). Features include: [+] Anti-ASLR [+] Anti-Anti-Debug [+] Anti-CRC Check [+] Automatically detects the base address. [+] Detects when the protector unpacks code into memory. [+] Can apply temporary patches after a specified delay in microseconds (Patch and restor original bytes). [+] Can apply permanent patches only with 00 Flag [+] Supports patching single or multiple Relative Virtual Addresses (RVAs). [+] Capable of patching up to 2048 bytes. [+] Can run as Administrator or Normal user mode. Root Folder Contents: [+] Project folder (Save or open projects for future use) [+] UPX folder (includes upx32.exe and upx64.exe) [+] ATPL.EXE (AT4RE Power Loader) [+] Version History.txt ============================ AT4RE Power Loader v0.3 (Release Date: 10/05/2025) ============================ The most powerful loader against strong and hard protectors. It also works with medium-level protectors, packers, compressors, and even unprotected executable files. Main Features: [+] Added Support Patching DLLs (Only DLLs Loaded by Target.exe). [+] Added Drag Drop Feature: For .EXE, .REG, .ICO Files. [+] Added Insert Loader Data feature (For Respect the Correct Format). [+] Added Registry Keys Manager (Max size: 1 KB / 1024 characters). [+] Added Delete Files feature (Max size: 1 KB / 1024 characters). [+] Added Icon Changer. [+] Added New Project option from File menu (Clears all fields). [+] Added Commands Shortcut Ctrl+N, Ctrl+O, Ctrl+S in File menu. [+] Added Contact Us section from Help menu. [+] Updated About from Help menu from box to a form. [+] Updated display fonts for Loader Data, Registry, and Files. [-] Removed "My Target run as admin". Loader Details: [+] Size is now 17 KB uncompressed, 7 KB when compressed. [+] Loader now Support Patching DLLs (Only DLLs Loaded by Target.exe). [+] Loader can now add or delete registry keys. [+] Loader can delete files. [+] Automatically requests Run as Administrator when needed (e.g.,Target need administrator privilege, modifying registry or deleting files from protected folders). [+] Icon support added. Root Folder Contents: [+] Icons folder (includes 5 icons). [+] Lib folder (includes bass.dll). [+] Project folder (Save or open projects for future use). [+] ResH folder (includes ResHacker.exe). [+] UPX folder (includes upx32.exe and upx64.exe). [+] ATPL.EXE (AT4RE Power Loader). [+] Version History.txt ============================ AT4RE Power Loader v0.4 (Release Date: 16/05/2025) ============================ The most powerful loader against strong and hard protectors. It also works with medium-level protectors, packers, compressors, and even unprotected executable files. Main Features: [+] Added Import menu. [+] Added Support .1337 patch files exported by x64dbg. [+] Set Opcode automatically when Load .1337 file. [+] Added OpenDialog when Double Click on: - Target Name field. - Loader Data field. - Registry field. - Custom icon field. Loader Details: [+] Fixed bug with registry feature. [+] Default icon changed. [+] Compressed Loader with Default icon 8 KB. Root Folder Contents: [+] Icons folder (includes 5 icons). [+] Lib folder (includes bass.dll). [+] Project folder (Save or open projects for future use). [+] ResH folder (includes ResHacker.exe). [+] UPX folder (includes upx32.exe and upx64.exe). [+] ATPL.EXE (AT4RE Power Loader). [+] Version History.txt

This is an example program I used to shell The Enigma 7.7. You can shell it, bypass it, PatchHWID, KeyGen to make it run normally. Of course, it would be best if the shell could be peeled off.Have fun! https://workupload.com/file/EGgppWamMA6 Cracked:

I want to release a new tutorial about the popular theme Themida - WinLicense. So I see there seems to be still some open questions mostly if my older unpack script does not work anymore and the unpacked files to, etc. So this time I decided to create a little video series on how to unpack and deal with a newer protected Themida target manually where my older public script does fail. A friend of mine did protect unpackme's for this and in the tutorial you will see all steps from A-Z to get this unpackme successfully manually unpacked but this is only one example how you can do it, of course. So the tutorial [videos + text tutorial] is very long and has a run-time of more than three hours and of course it will be necessary that you also read the text parts I made at the same time if possible but if you are already a advanced user then you will have it easier than a newbie. So I hope that you have enough patience to work through the whole tutorial. So the main attention I set on all things which happen after normal unpacking so the unpack process is the simplest part and all what comes after is the most interesting part and how to deal with all problems that happen. It's more or less like a live unpack session. I also wrote some small basic little helper scripts which you can also use for other targets to get valuable information if you need. Short summation: Unpacking Exception analysing VM analysing with UV plugin AntiDump's find & fixing & redirecting "after fix method" Testing on other OS My Special Thanks goes to Lostin who made this unpackme and others + OS's tests. (I want to send a thank you to Deathway again for creating this very handy and helpfully UV plugin). So this is all I have to say about the tutorial so far, just watch and read and then try it by yourself. Oh! and by the way I record ten videos and not only one. If something does not work or you have any problems with this tutorial, etc. then ask in the support topic only. Don't send me tons of PM's, OK! Thank you in advance. PS: Oh! and before someone has again something to complain because of my tutorial style [goes to quickly or is bad or whatever] then I just want to say, maybe you're right so normally I don't like to create and write tutorials. This is really not my thing so keep this in your mind.

A collection of legacy tutorials from ARTeam covering multiple aspects; unpacking, cracking, inline patching, dongles, DRM, keygenning, debugging, serial fishing, loaders, etc. MD5: ARTeam Tutorials Collection.rar : ca10cf1c85b12f6f9d0b2998c2356e7f

Today I release an unpacker script for Enigma Protector. Maybe you know that I created another unpacker script for Enigma in the past which no-longer works for protected Enigma files greater than 3.70+ and this is the reason why I wrote a new script, Enigma Alternativ Unpacker 1.0. So what is new in this script? This script will unpack your Enigma protected files and dump the used outer virtual machine. This means you do not need to use the DV / Enigma plugin which is used in my other script. Of course the virtual machine will be still virtualized but your unpacked files will work. It is not the best solution but for the moment it is a good "alternativ" and a working solution. Features of the script: ( 1.) Unpacking of ENIGMA 1.90 - 3.130+ ( 2.) RegSheme Bypass & HWID Changer ( 3.) Enigma CheckUp Killer ( 4.) VirtualMemory Dumper 1.90 - 3.x+ & SC Fixer M1 ( 5.) UIF Tool Necessary Sometimes! ( 6.) Enigma Intern Export & VM Scan + Log ( 7.) Improved Import Emulation Fixer ( 8.) Supports Exe & Dll Files [dll at EP!] This new script again covers almost all the protection features of Enigma Protector like my other script but it has been improved and I have added some extra things that you will see when you get to use it. I have created four video tutorials for you where you can see what you have to do in some of the different situations you may experience. Be sure that you "watch the videos" before you use the script to prevent some unnecessary questions where you can already find the answers if you watch them and then read my added text files. I also made an UnpackMe set with six different protected files (watch videos how to unpack all of them). If something does not work for you or if you get any trouble or have any questions then just post a reply on the topic (linked above) to get an answer.

Crackmes.de, a site for testing reversing skills. Crackmes range from "Very Easy" to "Very Hard" for many operating systems. Archive contains a 2011 release from Malware Ninja... Please find the following linked zip that contains almost 1000 crackmes for all levels. Please enjoy and mirror/spread.

Provision: Create a tiny Proxy DLLs for Personal researches. RozDll Vs Fixit: Fixit is a “Static Load Generator”. Handles Pre-Generated List of DLL's that may be work with your Executable or not (same as ByMax). RozDll is a “Dynamic Load Generator”, runs your Executable in Memory, gets a list of Proxy DLL's which your Executable uses in Memory. RozDll Main Features: Generate Fast, Portable & Small Size Proxy/Hijacked DLL. Integrated with x64dbg. You can load the Patched Data directly from x64dbg exported file (*.1337). Dynamic Loading. Function Selection. Deferent Method of patch Options. Encryption: DLL Function Names are Encrypted. This will make it difficult for Anti-Virus to trace generated DLL. Startup Message: You can personalize your work by writing your name and short info/about. This message will appear only at the first run of target executable. Data Extraction: Upload Registry and other filetypes into target PC. Data Verification: Clicking on the 'Magnifier symbol' is mandatory & it will ensure that you entered the correct data. Created on Windows 10 & Visual Studio 2022. It should work on Windows 10 & Windows 11, but not guaranteed to work in Virtual Windows. Tutorial: RozDll_Advanced.mp4 RozDll_Final_Tutorial_(v1.30).mp4

Welcome! on this fine day, you have reached CrackZ's Reverse Engineering Page, on the web for 14+ years, despite many censorship attempts. Amongst these pages you will find what is now a very rare commodity on today's commercialised web; a site where you can acquire all the skills you need to become a competent reverse engineer. This site provides information for analysts and protectionists alike, focusing mainly on the protection schemes of Window's software whilst debunking some of the mystery surrounding the sublime art of 'copy protection'. Everything here is yours for free, I hope you will enjoy taking some time to look around. In the last 15 years commercial profit motives have transformed the nature of web information and searching forever, a bitter irony indeed that in our rush to embrace a world of 'free information', more and more is now hidden, treasure troves of free knowledge have been shunned in the stampede for 'e-commerce' gold, snake oil products to this day provide a false sense of security to software authors. This site is fiercely against these trends, but is also realistic in that it will make not one iota of difference. Upon my pages you will find many teachings that should enable you (with a little work) to reverse engineer most of the software you'll ever encounter or need (probably saving you a considerable amount of money). You will find no dubious advertising banners, irritating pop ups, endless loops of smut site referrals or targeted ads, (they couldn't pay me enough to promote their useless products anyway), much of the material here is at a level where little more than a 'willingness to learn' is assumed, of course if you delve a little deeper you will (I hope) find much more. MD5: CrackZ's Reverse Engineering Page (1997-2012).rar : 834d28a4e6d00abb6b6d007f6b4fd4ed

The Hex-Rays Decompiler plugin for better code navigation in RE process. CodeXplorer automates code REconstruction of C++ applications or modern malware like Stuxnet, Flame, Equation, Animal Farm ... Features: Automatic type REconstruction for C++ objects. To be able to reconstruct a type using HexRaysCodeXplorer one needs to select the variable holding pointer to the instance of position independed code or to an object and by right-button mouse click select from the context menu «REconstruct Type» option. Virtual function table identification - automatically identifies references to virtual function tables during type reconstruction. When a reference to a virtual function table is identified the plugin generates a corresponding C-structure. As shown below during reconstructing struct_local_data_storage two virtual function tables were identified and, as a result, two corresponding structures were generated: struct_local_data_storage_VTABLE_0 and struct_local_data_storage_VTABLE_4. C-tree graph visualization – a special tree-like structure representing a decompiled routine in citem_t terms (hexrays.hpp). Useful feature for understanding how the decompiler works. The highlighted graph node corresponds to the current cursor position in the HexRays Pseudocode window Ctree Item View – show ctree representation for highlighted element Extract Types to File – dump all types information (include reconstructed types) into file. Navigation through virtual function calls in HexRays Pseudocode window. After representing C++ objects by C-structures this feature make possible navigation by mouse clicking to the virtual function calls as structure fields Jump to Disasm - small feature for navigate to assembly code into "IDA View window" from current Pseudocode line position. It is help to find a place in assembly code associated with decompiled line. Object Explorer – useful interface for navigation through virtual tables (VTBL) structures. Object Explorer outputs VTBL information into IDA custom view window. The output window is shown by choosing «Object Explorer» option in right-button mouse click context menu Support auto parsing RTTI objects This plugin is recompiled by disauto UPDATE 29.10.2024 Recompiled for IDA Pro v9.0 Windows x86_64

Hey everyone, I’m sharing an UnpackMe challenge that combines VMProtect packing with runtime function obfuscation using Eclipse Runtime Obfuscator. This should be an interesting challenge for those who enjoy working with dynamic obfuscation and anti-debugging techniques. Protection Details: VMProtect is used for basic packing, with import protection and anti-debug enabled. Eclipse Runtime Obfuscator dynamically obfuscates function execution, making dumped analysis and debugging difficult. Function code is relocated to a new memory region at runtime and accessed through vectored exception handling (VEH) instead of direct execution. Eclipse Runtime Obfuscation Features in this UnpackMe: Exception-Based Execution Handling – Execution is redirected via VEH, preventing direct tracing. Junk Code Injection – Adds meaningless instructions to mislead disassembly and make static analysis harder. Dynamic Function Relocation – Functions are moved at runtime, disrupting predictable memory access. Control Flow Obfuscation – Execution flow is broken up and redirected via exception handling. Anti-Debugging Protection – The binary throws access violations and illegal instructions to interfere with debuggers. Goals: Unpack the binary (remove VMProtect and restore the original imports). Defeat runtime function relocation and deobfuscate the function logic by resorting the original function code. Reconstruct a clean, runnable (optional) version of the executable with original control flow. Explain how you unpacked and fixed the program, detailing the approach to defeating VEH-based execution and restoring the function code. Bonus points if you can crack the password in the console application demo code. Notes: VMProtect is only used for packing, not virtualization. The main challenge comes from Eclipse’s runtime function relocation and exception-based redirections. Dumping the process isn’t enough, as function code is dynamically obfuscated in memory. The obfuscated functions are exported and named "testCCode", "testCCode2", and "DemoFunction" (this function has the crackme code in it). Would love to see a write-up on defeating the VEH-based execution and restoring the original function code! More information can be found about the Eclipse Runtime Obfuscator project on GitHub. Looking forward to seeing your approaches. Good luck and happy reversing!

The Entry Point is virtualized. 2 Parts of the codes are also virtualized. [Your Mission] Just unpack this file and make it run well without any errors or termination. No devirtualiztion are necessary.

Password: tuts4you .NET .NET Reactor 2.5.0.0.rar CliSecure 3.2.rar CliSecure 4.5.rar CodeVeil 1.2.rar DNGuard (Standard) 2.6.rar DNGuard HVM 2.6.2.0.rar dotNET Reactor 2.0.0.1.rar dotNET Reactor 2.1.5.3.rar dotNETZ 0.2.7.rar Maxtocode 3.2.rar MPress 0.71.rar MPress 0.75.rar MPress 0.77.rar MPress 2.12.rar NsPack 3.6.rar Phoenix Protector 1.7.0.1.rar Sixxpack 2.2.rar Skater .NET Obfuscator Light 2.6.rar Smart Assembly 1.3.rar Smart Assembly 2.0.rar Themida .NET 1.9.3.0.rar FoxPro KONxiSE 1.0.rar vfp&exeNc 6.20.rar PE32 x32 !EP (EXE Pack) 1.0.rar !EP (EXE Pack) 1.2.rar !EP (EXE Pack) 1.4.rar !EProt 0.01.rar 1337 Exe Crypter 1.rar 1337 Exe Crypter 2.rar 12311134.rar Aase 1.0.rar ABC Crypter.rar ACProtect 1.09g.rar ACProtect 1.32.rar ACProtect 1.41.rar ACProtect Pro 2.1.0.rar ACProtect Standard 2.0 2006.03.10.rar Advanced UPX Scrammbler 0.5.rar AffilliateEXE 1.0.rar Again Nativity Crypter.rar AHTeam EP Protector 0.3.rar AlexProt 1.0 Beta2.rar Alloy 4.3.21.2005.rar Alloy 4.10.9.2006.rar ANDpakk2 0.18.rar Anskya Polymorphic Packer 1.3.rar AnslymPacker.rar Anti007 2.5.rar AntiCrack Protector.rar AntiDote 1.4.rar AntiDote_1.2.rar antiOllyDBG.rar AR Crypt.rar AREA51 Cryptor 1.1.rar ARM Protector 0.1.rar ARM Protector 0.3.rar Armadillo 1.84.rar Armadillo 1.90.rar Armadillo 1.91c.rar Armadillo 2.00.rar Armadillo 2.52.rar Armadillo 3.70a.rar Armadillo 4.00.0053.rar Armadillo 4.10.rar Armadillo 4.20.rar Armadillo 4.30.rar Armadillo 4.30a.rar Armadillo 4.40.rar Armadillo 4.42.rar Armadillo 4.44.rar Armadillo 4.54 (Beta 1).rar Armadillo 4.66.rar Armadillo 6.0.0.rar Armadillo 6.2.4.624.rar Armadillo 6.40.rar Armadillo 6.60.0140.rar Armadillo 7.0 Beta 3.rar AsCrypt 0.1.rar ASDPack 2.0.rar ASPack 2.2.rar ASPack 2.12.rar ASPack 2.12_.rar ASProtect 1.2.rar ASProtect 1.23 RC1.rar ASProtect 1.33.rar ASProtect 1.35.rar ASProtect 1.40.rar ASProtect SKE 2.4 Build 09.11.rar ASProtect SKE 2.10.rar ASProtect SKE 2.11.rar ASProtect SKE 2.20.rar ASProtect SKE 2.30.rar Ass Crypter 1.0.rar AT4RE aSm Protecter 1.0.rar AT4RE Protector 1.0.rar AverCryptor 1.0.rar AverCryptor 1.02.rar AZProtect 0001.rar Backdoor PE Compress Protector 1.0.rar BamBam_0.04.rar Bastards Tools 1.1.rar Beria 0.07.rar Berio 1.0 Beta.rar Berio 1.02.rar BeRoEXEPacker 1.00.rar Biohazard Crypter.rar Bleeding Rose Crypter 1.0.rar BoxApp Packer 2.2.0.9.rar Break Into Pattern 0.1.rar C.I. Crypt 0.1.rar C.I. Crypt 0.2.rar CDS SS 1.0 Beta 1.rar Celsius Crypt 2.0.rar Celsius Crypt 2.1.rar CExe1.0b.rar ChinaProtect 0.3.rar CI Crypt 0.1.rar Cigicigi Crypter 1.0.rar CliSecure 4.5.rar CodeVeil 1.2.rar COOLcryptor 0.9.rar Crunch 5.0.0.rar CrypKey SDK 5.7.rar Crypt R.roads 1.0.rar Cryptable Seduction 1.0.rar Cryptic 2.1.rar CrypToCrack Pe Protector 0.9.2.rar CrypToCrack Pe Protector 0.9.3.rar CRyptOZ 3.rar CryptX 1.0.rar CSDSJKK Protector.rar CuBe Crypt0r.rar DalKrypt 1.0.rar DCrypt Private 0.9b.rar dePack.rar DeX-Crypt 2.0.rar DexCrypt 2.0.rar DirTy Cryptor.rar dotFakeSigner.rar DotFix NiceProtect 2.2.rar DotFix NiceProtect 2.3.rar DotFix NiceProtect 2.5.rar DotFix NiceProtect 2.9.rar DotFix NiceProtect 3.6.rar DragonArmour.rar Drony Application Protect 3.0.rar Eagle Protector.rar EmbedPE 1.13.rar EnCryptPE 2.2006.7.10.rar EnCryptPE 2.2007.4.11.rar Enigma 1.12.rar Enigma 1.55.rar Enigma 1.68.rar eS304.rar Escargot 0.1.rar Excalibur1.03.rar ExE Evil 1.0.rar Exe32Pack 1.42.rar EXECrypt 1.0.rar ExeCryptor 1.5.30.rar ExeCryptor 2.1.20.rar ExeCryptor 2.1.70.rar ExeCryptor 2.2.50.rar ExeCryptor 2.4.1.rar ExeCryptor Official Crackme.rar ExeFog 1.1.rar EXESafeguard 1.0.rar ExeSax 0.9.1.rar ExeShield 3.6.rar ExeShield 3.7.rar ExeShield Cryptor 1.3RC.rar ExeShield Deluxe 1.2.21.rar ExeShield Deluxe 1.3RC.rar ExeShield Ultra Edition 1.40.rar ExeShield Ultra Edition 1.41.rar EXESmasher 1.0.rar ExeStealth 2.75a.rar ExeStealth 2.76.rar eXPressor 1.2.0.rar eXPressor 1.3.0.1.rar eXPressor 1.5.0.1.rar eXPressor 1.6.0.1.rar EZIP 1.0.rar EZIP 1.1.rar Fakus Cryptor 1.4.rar Fast File Crypt 1.6.rar FastPack32 1.2.rar FatMike 0.1.rar fEaRz Crypter 1.0.rar fEaRz Packer 0.3.rar FileShield 1.0.rar FishPE 1.02.rar FishPE 1.16.rar FishPE 1.17.rar FishPE Packer 1.03.rar FishPE Packer 1.04.rar FishPE Shield 2.0.1.rar Flame Packer II.rar Flashback Protector 1.0.rar Free Joiner Small 0.15.rar Freex64 1.0.rar FSG 2.0.rar fornication_U 0.1.5.rar Fusion 4.0.00.rar G!X Protector 1.2.rar GhaZza CryPter 1.0.rar GHF Protector.rar Gie Protector 0.2.rar GKripto 1.0.rar Goats PE Mutilator 1.6.rar H4ck-y0u.org Crypter.rar HAC Crew-Crypter.rar HaLV Crypter.rar HaspSRM 3.4.rar Hexalock DVD Copy Protection System 2.3.rar Hide & Protect 1.016.rar HidePE.rar HidePX.rar Hmimys Packer 1.0.rar Hmimys Packer 1.2.rar Hmimys Packer 1.3.rar Hmimys PE-Pack.rar Hound Hack Crypter 1.0.4.rar Hyings PE-Armour CCG.rar ICrypt 1.0.rar ID Application Protector 1.2.rar iNF Cryptor.rar James Crypter 2.0.rar JDPack 1.01.rar JDPack 2.00.rar JDProtect 0.9.rar JDProtect 0.90b.rar JeyJey UPX Protector.rar Joker Protector 1.0.8.rar Joker Protector 1.1.3.rar K!Cryptor 0.11.rar KaOs PE-DLL eXecutable Undetecter.rar KGB Crypter 1.0.rar KiAms Cryptor 1.4.rar Kkrunchy 0.17.rar Kkrunchy 0.23.rar Kratos Crypter.rar Krypton 0.5.rar Kur0k.X2.to.rar LameCrypt 1.0.rar LCG 1.0.rar Lightning Crypter Private 1.0.rar Lightning Crypter ScanTime 1.0.rar Luck007 2.7.rar LuCypher 1.1.rar Mal Packer 1.2.rar MarCrypt 0.01.rar MaskPE 2.0.rar MEW 1.1.rar Mimoza 0.86.rar Minke 1.01.rar MKFPack.rar Molebox 2.2.4.rar Molebox 2.3.rar MoleBox 2.5.13.rar MoleBox Pro 2.6.0.2375.rar MoleBox Pro 2.6.1.2387.rar MoleBox Pro 2.6.4.2534.rar MoleBox Pro 2.6.5.2570.rar MoleBox Ultra 4.1900.rar MoleBox Ultra 4.1900_.rar Money Crypter 1.0.rar Morphine 1.9.rar Morphine 2.7b.rar Morphine 3.3.rar Morphine 3.5.rar Morphnah 0.2.rar Mortal Team Crypter.rar Mortal Team Crypter 2.rar MoruK creW Crypter Private.rar mPack 0.0.2.rar mPack 0.0.3.rar MPress 0.77.rar MPress 1.27.rar MPress 2.01.rar MPress 2.05.rar MPress 2.12.rar Mr Undectetable 1.0.rar MSLRH 0.32a.rar Muckis Protector.rar Muckis Protector II.rar My PE Packer 0.1.rar MZ0oPE 1.0.6b.rar N-Code 0.2.rar NakedPacker 1.0.rar NeoLite 2.0.rar Nidhogg 1.0.rar NME 1.1.rar NOmeR1.rar NoNamePacker.rar NoobyProtect 1.1.8.0.rar NoobyProtect 1.6.8.0.rar NoobyProtect 1.6.40.rar NoobyProtect SE Public 1.0.9.6.rar NoodleCrpyt 2.rar Nova Cipher 1.0.rar noX Crypt 1.1.rar nPack 1.1.250.2006.rar nPack 1.1.300.rar nPack 1.1.800.2008.rar NsPack 2.3.rar NsPack 2.4.rar NsPack 2.9.rar NsPack 3.0.rar NsPack 3.3.rar NsPack 3.4.rar NsPack 3.5.rar NsPack 3.6.rar NsPack 3.7.rar NsPack Scrambler.rar NTkrnl Protector 0.1.0.0.rar NTkrnl Protector 0.15.rar NtPacker 1.0.rar Obsidium 1.2.rar Obsidium 1.2.5.rar Obsidium 1.3.4.2.rar Obsidium 1.3.5.5.rar Obsidium 1.3.6.1.rar Obsidium 1.4.0.9.rar Obsidium 1.30.rar Open Source Code Crypter 1.0.rar Orien 2.11.rar OSC-Crypter.rar p0ke Scrambler 1.2.rar Pack 4.0.rar PackMan 0.0.0.1.rar PackMan 1.0.rar Pain Crew Protector 1.1.rar Pandora.rar Password Protect UPX 0.30.rar PC Shriner 0.71.rar PcGuard 4.06c.rar PcGuard 5.0.rar PE-Armour 0.765.rar PE Lock NT 2.04.rar PE Pack 1.0.rar Pe123 2006.4.4.rar PeBundle 3.20.rar PeCancer 1.0 (Demo).rar PeCancer 2007 07 11.rar PeCompact 1.30.rar PeCompact 1.50.rar PeCompact 1.84.rar PeCompact 2.55.rar PeCompact 2.57.rar PeCompact 2.64.rar PeCompact 2.68.rar PeCompact 2.70.rar PeCompact 2.78a.rar PeCompact 2.79.rar PeCompact 2.98.4.rar PEDiminisher 0.1.rar PELock 1.06.rar PEncrypt 4.0p.rar Pepsi 2.0.rar Perplex PE-Protector 1.01.rar PeSpin 1.0.rar PeSpin 1.1.rar PeSpin 1.3.rar PeSpin 1.3 (Private).rar PeSpin 1.32.rar PeSpin 1.304.rar Pestil 1.0.rar PeStubOEP 1.6.rar Petite 1.2.rar Petite 1.3.rar Petite 1.4.rar Petite 2.3.rar PeX 0.99.rar PFE CX 0.1.rar Phoenix Protector 1.4.0.1.rar PI Cryptor 3.0.rar PKLite32 1.1.rar PlutoCrypt.rar Pohernah 1.0.1.rar Pohernah 1.0.2.rar Pohernah 1.0.3.rar Poisen Ivy Crypter.rar Poke Crypter.rar Poly!Crypt 2.8.rar PolyBox 1.0.rar PolyCrypt PE 2.00.rar PolyCrypt PE 2.1.5.rar PolyEnE 0.01.rar Private EXE Protector 1.7.rar Private EXE Protector 1.8.rar Private EXE Protector 1.9.rar Private EXE Protector 1.95.rar Private Exe Protector 2.25.rar Private EXE Protector 2.30.rar Private EXE Protector 2.40.rar Private Exe Protector 2.71.rar Private Personal Packer 1.0.2.rar PrivateKrypt 1.0.rar Protect Shareware 1.1.rar Pub Crypter.rar Punisher 1.5.rar PussyCrypter 1.0.rar QrYPt0r.rar QuickPack NT 0.1.rar RCryptor 1.1.rar RCryptor 1.3.rar RCryptor 1.4.rar RCryptor 1.5 (Private).rar RCryptor 1.6c.rar RCryptor 1.6d.rar RCryptor 2.0.rar RDG Poly Pack 1.1.rar RDG Tejon Crypter 0.1.rar RDG Tejon Crypter 0.8.rar ReCrypt 0.15.rar ReCrypt 0.74.rar ReCrypt 0.80.rar ReWolf x86 Virtualizer.rar RLP 0.7.2.rar RLPack 1.0.rar RLPack 1.1 BasicEdition.rar RLPack 1.11 BasicEdition.rar RLPack 1.15 BasicEdition.rar RLPack 1.16.rar RLPack 1.17.rar RLPack 1.18.rar RLPack 1.20.1.rar RLPack 1.21.rar RoguePack 1.1.rar RoguePack 3.3.1.rar ROR Packer 0.3.rar RPolyCrypt 1.0b.rar RPolyCrypt 1.4.rar Russian Cryptor 1.0.rar SDProtector 1.12.rar SDProtector 1.16.rar Secure Shade 1.5.rar SEH Protector 1.0.5.rar SEH Protector 2.5.0.rar Sentinel Hardware Key 7.5.0.rar Sexe Crypter 1.1.rar Sh4DoW.rar Shergerd Exe Protector 4.87.rar Shrinkwrap 1.4.rar Sim Crypter.rar SimbiOZ.rar SimbiOZ 2.1.rar Simple Crypter 1.2.rar Simple Pack 1.0.rar Simple Pack 1.2.rar Simple Pack 1.11.rar Simple Pack 1.21.rar Simplicity.rar SkD Undetectabler 3.rar SkD Undetectabler Pro 2.0 (Special_Edition).rar SLVc0deProtector 0.61.rar Small Polymorphic Crypter 0.1.rar SmokeScreen Crypter 2.0.rar Smon v0.2b.rar Snoop Crypt 1.0.rar Soft Defender 1.12.rar softSENTRY 3.00.rar Software Compress LITE 1.4.rar Sopelka 1.5.rar SPEC b3.rar SPLayer 0.08.rar StarForce 3.xx.rar StarForce 4.7.rar StasFodidoCrypter 1.0.rar Ste@lth PE 1.01.rar Ste@lth PE 2.10.rar SuperCrypt 1.0.rar SuperPacker 1.2.rar SVK Protector 1.43.rar tElock 0.98.rar tElock 0.99.rar TGR Crypter 1.0.rar TGR Protector 1.0.rar The Best Cryptor.rar The Zone Crypter.rar Themida 1.1.1.0.rar Themida 1.2.3.0.rar Themida 1.3.0.0.rar Themida 1.5.0.0.rar Themida 1.8.2.0.rar Themida 1.9.1.0.rar Thinstall 2.521 A.rar Thinstall 2.521 B.rar Thinstall 2.628.rar Thinstall 2.736.rar Thunderbolt 0.02.rar TPPpack.rar Trojka Crypter 1.1.rar TsT Crypter 1.0.rar Tubby Crypt 1.1.0.rar Turkish Cyber Signature 1.0.rar Turkojan Crypter 1.0.rar UnderGround Crypter 1.0.rar Undetector 1.2.rar UnDo Crypter 1.0.rar unkOwn Crypter 1.0.rar unnamed Scrambler 1.1C.rar unnamed Scrambler 2.0.rar unnamed Scrambler 2.1.1.rar unnamed Scrambler 2.5.2.rar UnOpix 1.10.rar UnOpix Scrambler 1.10.rar uPack Mutanter 0.1.rar uPolyX 0.4.rar uPolyX 0.5.rar UProtector 2.1.rar UPX-Scrambler RC1.x.rar UPX 1.25.rar UPX 1.91.rar UPX 1.92.rar UPX 2.00.rar UPX 2.01.rar UPX 2.02.rar UPX 2.90.rar UPX 3.00.rar UPX 3.01.rar UPX 3.03.rar UPX 3.04.rar UPX Lock 1.0.rar UPX$hit 0.0.1.rar UPXMutanter.rar UPXScramb 2.2.rar USSR 0.31.rar VB-PE-Crypt 1.0.rar VB-PowerWrap 4.1.rar VB-PowerWrap 4.3.rar VBOWatch Protector 2.0.rar VBOWatch Protector 3.0.rar VCasm.rar VCrpyt 0.9b.rar Virogen Crypt 0.75.rar Visual Protect 3.4.5.rar VMProtect 1.1.rar VMProtect 1.2.rar VMProtect 1.8.rar VMProtect 1.21.rar VMProtect 1.22.rar VMProtect 1.24.rar VMProtect 1.52.rar VMProtect 1.53.rar VMProtect 1.70.4.rar VPacker 0.02.10.rar VProtector 1.0.rar VProtector 1.1.rar VProtector 1.2.rar VXPack 1.1.3.rar Werus Crypter 1.0.rar Whitell Crypt.rar Wind of Crypt 1.0.rar WingsCrypt 1.0.rar WinKrypt 1.0.rar WinLicense 1.1.1.0.rar WinLicense 1.4.0.2.rar WinLicense 1.8.9.0.rar WinLicense 2.0.1.0.rar WinLicense 2.0.6.5.rar WinLicense 2.0.8.0.rar WinUpack 0.30.rar WinUpack 0.32.rar WinUpack 0.35.rar WinUpack 0.38.rar WinUpack 0.39.rar WL-Crypt 1.0.rar WL-Group Crypter.rar WouThrs EXE Crypter 1.0.rar WWPack32 1.x.rar X-Crypter 1.2.rar X-Crypter 2.0.rar x86 Virtualizer.rar XComp 0.98.rar XcR 0.13.rar XXPack 0.1.rar Yoda Crypter 1.3.rar Yoda Protector 1.02b.rar Yoda Protector 1.03.2.rar Yoda Protector 1.0b.rar YZPack 1.1.rar YZPack 2.0b.rar ZeldaCrypt 1.0.rar ZipWorxSecureEXE 2.5.rar ZProtect 1.3.rar ZProtect 1.4.rar ZProtect 1.4.4.0.rar ZProtect 1.4.8.0.rar ZProtect 1.4.9.0.rar ZProtect Enterprise 1.3.1.rar PE64 x64 lARP64 Pro 1.0.3.rar lARP64 Pro 1.0.3_old.rar lARP64 Pro 1.0.3_update.rar MPress 1.07 x64.rar MPress 2.12 x64.rar NsPack 3.6 x64.rar PeSpin Pre-Alpha x64.rar PeSpin x64 0.3a.rar PeSpin x64 1.1.rar

This is a complete archive (site rip) of all files on Tuts 4 You as of July 2011 except for the malware samples - you will need to download these directly from Tuts 4 You. I have created the torrent as directories and files rather than one archive which gives you the option to download files individually or in categories. The entire collection is 3.69 GB of which some sections may be of little interest to some but you have the option of downloading what you want. This collection will be updated annually so please check at the following link for the official and up-to-date torrent file. Base 32 Hash-ID magnet:?xt=urn:btih:slpgvubkpp4dyhxbaxpmogludkgmw7wi Base 16 Hash-ID magnet:?xt=urn:btih:92DE6AD02A7BF83C1EE105DEC719741A8CCB7EC8 Please remember to seed the torrent and help share the knowledge within the reversing community. I hope this satisfies the leechers, thank you! File/ Directory Listing Tuts 4 You - Collection 2011.md5

This methods protected with Ultra setting (mutation+virtualization) and complexity none ( for example if complexity setted 22% the output goes 1mb ). Either unpack it, either provide a valid license file.

UnpackMe - WinLicense 3.1.3.0 x86 Full Protect HWID Lock + Entry Point Virtualization + Etc... HWID: 1111-2222-3333-4444-5555-6666-7777-8888 Author:boot From:Tuts4you Time:2023.04.02

ProtectionID is a software tool commonly used in the reverse engineering and software cracking community to analyze and identify the copy protection and DRM (Digital Rights Management) schemes used in executable files. It can detect various types of protections, such as anti-debugging, anti-tampering, code obfuscation, and encryption. ProtectionID can also provide information about the file's structure, imported and exported functions, and other relevant data. The tool is useful for software developers and security researchers who need to understand how copy protection works and for those who seek to crack software and remove the copy protection. However, it should be noted that using ProtectionID for cracking purposes is illegal and violates copyright laws.

This tool is designed to rebuild imports for protected/packed Win32 executables. It reconstructs a new Image Import Descriptor (IID), Import Array Table (IAT) and all ASCII module and function names. It can also inject into your output executable, a loader which is able to fill the IAT with real pointers to API or a ripped code from the protector/packer (very useful against emulated API in a thunk). Sorry but this tool is not designed for newbies, you should be familiar a bit with manual unpacking first (some tutorials are easy to find on internet).

TiGa 01 - Visual Debugging with IDA TiGa 02 - Remote Debugging with IDA Pro TiGa 03 - Debugging a Buggy Application with IDA Pro TiGa 04 - How to Solve CrackMes for Dummies in Video TiGa 05 - x64 Disassembling and Fixing Obfuscated API's TiGa 06 - TLS Callbacks and Preventing Debugger Detection TiGa 07 - Unwrapping a Flash Video Executable TiGa 08 - Stop Fishing and Start Keygenning! TiGa 09 - Alien Autopsy rev. 2008 TiGa 10 - Unpacking Deroko x64 UnPackMe TiGa 11 - Solving Pnluck x64 CrackMe TiGa 12 - Unpacking 4 Simple Packers with IDA

Various collection of reversing tutorials in video covering various aspects of .NET from Ubbelol. Name Size Type Modified Attr MD5 Checksum .NET Cracking 101 #1 - Absolute basics.mkv 21.5 MB Matroska 5/10/2017 5:12 AM -a----- 4c70dc7c9f6b47f39a4cde2c2e172ef3 .NET Cracking 101 #2 - WinDbg basics.mkv 55.8 MB Matroska 29/06/2014 6:55 PM -a----- 56b4f7138fe1dbbdac358d6d8ba6fe5b .NET Cracking 101 #3 - Additional techniques.mkv 26 MB Matroska 9/10/2017 2:20 PM -a----- aefe75ee91f2c2df13522e2084797e27 .NET Cracking 101 #4 - ChewBox crackme.mkv 25.4 MB Matroska 10/10/2017 12:51 AM -a----- 4eee0cae85fe1a85257adf09bd432eef .NET Cracking 101 #5 - 0xDEADDEAD Crackme.mkv 42.5 MB Matroska 29/09/2017 3:32 PM -a----- 665c6e1bfaeb0e531c38b033deaf843a .NET Cracking 101 #6 - WinDbg_.NET Seal 2.mkv 31 MB Matroska 7/10/2017 12:02 AM -a----- 0bd46985e743fe5ab1f72ffa30c7d5dc .NET Cracking 101 #7 - AutoJitPatcher by 0xDEADDEAD.mkv 22.6 MB Matroska 10/10/2017 3:24 PM -a----- 96f125c6966155826b44900ae0c10925 .NET Deobfuscation 101 #1 - Symbol renaming.mkv 52.8 MB Matroska 10/10/2017 7:19 AM -a----- d0485addca7d551af4c423b680574570 .NET Deobfuscation 101 #2 - Phoenix Protector.mkv 48.3 MB Matroska 20/10/2017 11:35 PM -a----- 0a557679daf3444daf86099b4516782a Confuser 1.9 Anti-tamper tool.mkv 12.4 MB Matroska 11/10/2017 2:39 PM -a----- 0990b4977988ac8ff99aaf7313e4364e Confuser 1.9 Deobfuscator WIP - YouTube.mkv 10 MB Matroska 30/09/2017 10:11 AM -a----- 761e56dc774e70417a0cd8a46b5d270e uNet example application.mp4 85.3 MB MP4 16/02/2013 3:21 AM -a----- b9cb5dc6717def0802c7a27affc6b02d

This article demonstrates a couple of steps to rebuild the whole IAT table and to inject your DLL in a portable executable file without having to recompile the source code.

Hooking is the practice of re-directing the flow of a program causing it to execute a code-cave or function in an injected module in place of another piece of code. In this tutorial, I will cover a method of hooking known as IAT (Import Address Table) Hooking. IAT Hooking is a 4 step process (I assume you are able to manage to inject the attacking DLL on your own).

Many of you may be amazed at Guru LCF-AT's script "VMProtect API Turbo Tracer 1.2". But for most of the newbies, just like me, you may have a lot of problems in getting the script work properly in your own Ollydbg. LCF-AT already uploaded a lot of Ollydbg setting information togehter with the script to help us fix those Ollydbg problems, but there are too many details. Yes, I suffered a lot at the inital stage when I was trying to use "VMProtect API Turbo Tracer 1.1" by my chinese version "Terminator Ollydbg 1.1.0". Under LCF-AT's kind help, I created this basic version Ollydbg 1.1.0, which is specially for running "VMProtect API Turbo Tracer 1.1". And it works smoothly in my laptop, with Windows XP Professional SP3. If you like, get it and give it a try. Enjoy Cracking!!

A "Crack Me" challenge created by lord "Voksi" , a well known person in the "warez" scene. And no, this challenge is not uploaded by "Voksi" himself, it's uploaded via a proxy which is myself, an old friend of "Voksi" . GOAL: Obtain the Correct key Greetings to MasterBootRecord, Voksi, FJLJ, And also a few others, you know who you are ❤️

If you need to view information about various EXE files, Exeinfo PE is a small toll that does exactly that. It can analyse EXE files and acquires detailed information about their properties, offering you the possibility to save overlays and create backups. The application is portable so you don’t need to install it, plus your Windows registry will remain unchanged. The simple interface has a plain window where you can drag and drop an EXE or DLL file, or load it via the built-in file browser. Then the application will display the file size, file offset, entry point, linker information, EP section, sub-system and overlay. Furthermore, you can also insert HEX data to analyse BIN information. A section viewer can be opened, where users can see every virtual offset and size, flags, name, RAW data offset and size, first bytes and section status. Header information is also available such as security, debug, exception, T:S table, size of headers, number of directories and so on. The application can be set to perform a fast scan from the Options menu. Moreover, from the same place, you can configure Exeinfo PE to ignore EXE errors, set it to be always on top, choose the big interface or integrate it into the shell. Plugins: https://github.com/ExeinfoASL/plugins Support Topic: https://forum.tuts4you.com/topic/8412-exeinfo-pe/

File protected by .NET Reactor v7.3 having /Code Virtualization/ enabled. By nature the application using /Dependency Injection/, the 3rd party files embedded to main exe (see shot2). Find registration combination and reply it with the success message!

About File: .NET Framework 4.8, 32-bit preferred Used Obfuscator: Rika .NET Obfuscator Latest Used Features: Code Virtualization & Anti Tamper Difficulty: 6/10 Goal: Find the Password or deobfuscate it competely.

I want you guys who are capable of unvirtualizing and unpacking them to upload the final ones. These files are just the same part of the codes virtualized which are 2 lines of the original mfc source codes. So if you can unvirtualize them and unpack them, please upload the final ones. Any other protections are excluded absolutely. Give it a try and improve your skills. Best Regards. sean.

ByUndefined Protector Anti Debugger Anti Dump Anti Tamper Anti Memory Anti Dll Inject Anti ILDasm Resources Compress String Encrypt ControlFlow Virtualization Renamer Merge Dll Add Task: Unpack

Hey there! I made this KeyGenMe because I enjoy playing chess. This challenge is written in .NET and involves some mathematical operations, mixed with a few chess-related twists. Your task is to figure out the logic behind generating a valid serial key based on the username you enter. But be warned—it’s not as simple as just moving a pawn forward ( maybe a hint ) Protection used : None. Goals : 1. Provide valid combination for Username - Serial Key ( Bronze ) 2. Fully KeyGen it - every username with different serial key algorithm ( Silver ) 3. Full KeyGen plus EXPLANATION on what u did and how you figured out everything ( Gold ) Good luck!

Find correct license key, don't try to patch file. Updates & Improvements : + Listen to KAO advices from Version 1.0 + Improved Metamorphic Junk Code Generator + Encrypted VM Handlers + Control-Flow Obfuscation + VM Handler Obfuscation Hint : File Packed with UPX 5.0 just for compression ( just decompress it using -d command ) Thanks to @kao for Tips.

Brief and useful Find correct license key, don't try to patch file. What comes within this crackme : + Code Virtualization + Unique Junkcode Generation + Control-Flow Obfuscation

VSEC KeygenMe #2 What you have to do: I hope peoples who interested in Reverse Engineering learns something from this type of challenges. Best Regards.

I have put all important information in HWID-License.txt. I hope you all come up with some fascinating solutions. If you want leave the solution and also if you want to show off you can do that as well!

Simple Code Virtualization KeygenMe ( Not Commercial VM ) Try to find Algorithm and make correct key It's not too hard Your opinions about VM Complexity are welcome. Thanks

A simple guide to make your own simple crypter in C++ for PE. In this tutorial shows you how you can create your own stub in Windows platform using VS which is kinda stand alone in the environment and can be attached to other PEs to manipulate the execution of PE. My aim here was to show beginners how such things can be done, and if you learn these basic stuff you can go a few levels higher and create your own costume VM based obfuscation, however you still need to do some heavy lifting yourself. I did this tutorial unfortunately in a little rush, so there are quite a few mistakes here and there but overall the quality of the tutorial is good. I hope it can help you to learn new stuff. Hope to see you again when I have something new to share. Enjoy.

A good understanding of the Portable Executable (PE) file format leads to a good understanding of the operating system. If you know what's in your DLLs and EXEs, you'll be a more knowledgeable programmer. This article, the first of a two-part series, looks at the changes to the PE format that have occurred over the last few years, along with an overview of the format itself. After this update, the author discusses how the PE format fits into applications written for .NET, PE file sections, RVAs, the DataDirectory, and the importing of functions. An appendix includes lists of the relevant image header structures and their descriptions. Note: I have updated the archive to include the second part of this paper and have included the PE32 file used for reference.

Baymax Patch Tools v3.1.0 Tool description: Baymax Patch Tools is a hijacking patch making tool that releases a hijacking DLL for the target process to load the function module PYG. Two patching functions are supported.search and replace patch supports feature code search and replace memory data, exception breakpoint patch supports simulating the exception breakpoint function of debugger and modifying register, memory and other data after setting and triggering breakpoint to achieve the purpose of modifying program execution flow and so on. The tool is protected, antivirus may misreport the tool and patch files! Due to the use of the shell SDK, all components of the tool (including the generated patches) do not contain networking capabilities! The generated patches will not modify any files on the system when running (except for overwriting patch files). The generated patches will not modify any files on the system when running (except for overwriting patch files). The tool itself has a verification mechanism and will load only after the module is successfully verified at startup, but for security reasons, please be sure to download and use it from the official site. Function introduction: . support hijacking crack, not modify the file itself . support for patching processes with dynamic base addresses (ASLR) . support patching multiple DLL modules of the target process . support patching different EXEs of the same patch . support patching the memory data of a process at a specified address . support for patching processes using feature code matching . support setting API HOOK decoding for shelled programs before patching data . support patching data after setting hardware breakpoint interrupt for the process . support setting exception breakpoints to modify the memory pointed to by registers or registers after interrupting the process . support setting conditional breakpoints for processes to determine whether to execute Patch according to the number of interrupts, . . . . register or memory values . support setting different conditional breakpoints for the same address to perform Patch on the interrupts that meet the conditions . support extracting global variables from assembly instructions to store and modify them . support for storing data and using stored data during process execution . support patching the memory pointed to by the memory marker after interrupt . support basic operations on data after interrupt . support for reading patch data from ini file . support to create memory keymaker . support for creating debug patches to troubleshoot patch problems by yourself Update： 2023.01.18 x86 v3.1.0 1. Support multi-language function 2. adjusted and optimized the UI, text descriptions, etc. to improve the interactive experience Download: https://sourceforge.net/projects/baymax-patch-tools/

Beginner Olly Tutorial Part 01 - Serial fishing. Beginner Olly Tutorial Part 02 - Internal keygen and patching. Beginner Olly Tutorial Part 03 - Unpacking and patching. Beginner Olly Tutorial Part 04 - Unpacking and patching, a more complex case. Beginner Olly Tutorial Part 05 - Inline patching. Beginner Olly Tutorial Part 06 - Packers theory. Beginner Olly Tutorial Part 07 - Cracking Lost Marble's Moho v5.1 using Memory BP's. Beginner Olly Tutorial Part 08 - Breakpoints theory. Beginner Olly Tutorial Part 09 - Defeating magic byte protection. Beginner Olly Tutorial Part 10 - Anti-tampering techniques theory.

Ok, here comes the tut about injecting code. We will insert a MessageBox at program start like a little "nagbox". We will use my little example program in the zip file so I can better explain what we do. Note: it's important that our target program import the MessageBoxA function! That makes sense cause without it we can't use it. In this case we have to import it by hand which I will discuss in another tutorial. So check with Wdasm, PEditor, my Import Table Viewer or any other tool that MessageBoxA function is imported.

This crackme is created with Qt v4.8.4, The goal of this crackme is to make the CheckBox checked, not to only pass the check when the Check button is pressed. There is also the options of creating an program which will change the state of CheckBox. I don't think is trivial task: I can't even enumerate windows.

Try to unpack or alternatively provide a serial. Protections used: Necrobit Antitampering Antidebug Obfuscation Code Virtualization + Shield with SNK

My reader, this labyrinth of pages (you'll never be able to count them all) contains many teachings, and will help you gain knowledge that you will not find elsewhere. Please wander slowly inside: sip a good cocktail, take your time and explore at a leisurely pace. You'll find lessons on how to reverse engineer windows, dos, linux and palmtop programs, both in order to protect or to deprotect them (fairly easy, once you learn it); on how to search the Web using advanced techniques like 'combing' and 'klebing' (not so easy); on how to gain real information (pretty difficult), on how to track pseudoanonymous people on the web (fairly difficult), on how to protect your anonymity browsing the Web (quite difficult), on how to reverse the reality around you (very difficult), on how to destroy web sites you do not like (easy... given some conditions), on how to use (and detect) steganographical encryptions, on how to reverse or implement javascript based site protections, on how to annoy spammers, reverse web-agents, trap bots, write your own spiders and much more. I hope you'll enjoy this visit. Your critics and suggestions are welcome.

This plugin is process memory dumper for OllyDbg and Immunity Debugger. Very simple overview: OllyDumpEx = OllyDump + PE Dumper - obsoleted + useful features Features: Various debuggers supported Select to dump debugee exe, loaded dll or non-listed module Search PE File from memory Multiple Dump mode. Rebuild for typical PE dump, Binary for PE Carving PE32+ supported (Search and Binary Dump mode only available on 32bit debugger) Native 64bit process supported (IDA Pro, WinDbg and x64dbg) ELF supported (both of 32bit and 64bit) Standalone version available Dump any address space as section even if not in original section header Auto calculate many parameters (RawSize, RawOffset, VirtualOffset, ...) Supported Debugger: OllyDbg version 1.10 (tested 1.10) OllyDbg version 2.01 (tested 2.01) Immunity Debugger version 1.8x or higher (tested 1.85) IDA Pro 32bit build version 5.0 or higher (tested 6.9) IDA Pro 64bit build version 7.0 or higher (tested 7.1) IDA Freeware 32bit build version 5.0 (tested 5.0) IDA Freeware 64bit build version 7.0 (tested 7.0.190307) WinDbg version 6.x (tested 6.2) x64dbg (tested 20170822 snapshot)

Most (if not all) of the best hackers, crackers and reverse engineers are also programmers. It is probably impossible to learn RCE well without any knowledge of programming and many of the oldest txt files on cracking would urge the student - "first go away and learn assembler, then come back and read this". This is truer now than ever before as packers and executable protectors use increasingly complex and diverse methods of preventing unpacking, debugging and rebuilding. This has led to cracking groups coding custom tools rather than just relying on debugger, disassembler and tools like ImpREC. It has also led to loaders becoming increasingly popular, a fact echoed by the excellent Cracking with Loaders series from ARTeam. These however are not so easy to understand for beginners without any prior coding knowledge. I have written this tutorial to fill the gap between the complete beginner and the advanced tutorials on loaders, tracers, etc. Similarly, whilst console based apps and tools may be functional they are far from pretty so my second aim was to illustrate how easy it is to create GUI apps in assembler. In the spirit of the assembler programming and reversing communities I have re-used and adapted code from a wide variety of sources which are remembered with full credit and gratitude where possible.

Hi and welcome to another Office Jesus tutorial. I just want to go ahead and say that if you are an ABSOLUTE beginner with no experience debugging or coding (Delphi in this case), you should NOT read this tutorial! I recommend watching Lena151's tutorials; they can be found at www.tuts4you.com. In this tutorial we will be exploring a simple serial checking routine that uses the MD5 hash and the RSA algorithm. I will not go into detail on how MD5 works or how it could be implemented. For more reading about MD5, check out the MD5 tutorials by Encrypto and ARTeam. I will try to explain RSA to the best of my ability. For further reading on RSA, visit RSA Wiki.

Code-caving is the practice of injecting machine code into a remote process and making it execute. In this tutorial, I will cover a method of code-caving which I like to call thread injection. Thread injection is a seven step process.

R4ndom’s Beginning Reverse Engineering Tutorials Tutorial #1 - What is reverse engineering? Tutorial #2 - Introducing OllyDBG Tutorial #3 - Using OllyDBG, Part 1 Tutorial #4 - Using OllyDBG, Part 2 Tutorial #5 - Our First (Sort Of) Crack Tutorial #6 - Our First (True) Crack Tutorial #7 - More Crackmes Tutorial #8 - Frame Of Reference Tutorial #9 - No Strings Attached Tutorial #10 - The Levels of Patching Tutorial #11 - Breaking In Our Noob Skills Tutorial #12 - A Tougher NOOBy Example Tutorial #13 - Cracking a Real Program Tutorial #14 - How to remove nag screens Tutorial #15 - Using the Call Stack. Tutorial #16A - Dealing with Windows Messages. Tutorial #16B - Self Modifying Code. Tutorial #16C - Bruteforcing. Tutorial #17 - Working with Delphi Binaries. Tutorial #18 - Time Trials and Hardware Breakpoints. Tutorial #19 - Creating patchers. Tutorial #20A - Dealing with Visual Basic Binaries, Part 1. Tutorial #20B - Dealing with Visual Basic Binaries, Part 2. Tutorial #21 - Anti-Debugging Techniques. Tutorial #22 - Code Caves and PE Sections. Tutorial #23 - TLS Callbacks. Modifying Binaries For Fun And Profit Adding a Splash Screen - Creating a code cave to show a custom splash on an application Adding a Menu Item - Adding a menu item to an existing binary. Making a Window Non-Closeable - Making a Window Non-Closeable. The Never Ending Program - Opening message boxes every time a user tries to close a program. DLL Injection 1 - Adding an opening message box through DLL injection. DLL Injection 2 - Adding a splash bitmap through DLL injection. R4ndom’s Guide to RadASM Installing and setting up - Installing RadASM and configuring the environment. Creating our first project - Creating our first project. Adding an Icon and Menu - Adding an Icon and Menu. Miscellaneous The Reverse Engineer’s Toolkit - Tools every reverse engineer should know about. Shrinking C++ Binaries - Shrinking binaries through Visual Studio. Other Tutorials Author Tutorial XOR06 Cracking DriverFinder nwokiller Unpacking PELock v1.06 XOR06 Bypassing a keyfile XOR06 Bypassing a Serial and server Check XOR06 Bypassing a Serial in a Delphi Binary XOR06 Finding a serial using bitmaps. XOR06 Easy unpacking. XOR06 Where and How to pacth a serial routine. XOR06 Patching a server check, 30 day time trial, and a nag. XOR06 Serialfishing a correct serial. XOR06 Another way of finding the patch. XOR06 Why it’s so important to search for pointers. XOR06 .NET Crackme with tutorial XOR06 .NET Crackme (no tutorial)

OllyDbg with Plugin + OllyDBG v1.1 + OllyDBG v2.0.1 + OllyDBG Shadow GUI with Vic Plug-In Enjoy !

My old and simple PE library. I coded it for private use of our team tRUE but now after 6-7 years of lull I decided to share it with you. It helps you in certain aspects to manipulate every PE file in fast and simple way. It is very small (actually has only 4 functions but yet useful). Note: I don't remember the last time I tested but I think it should work with the very latest windows versions since the PE structure is not changed (as far as I know). Features / Functions: - peGetPeEntryPoint -- get the Entry Point of the PE - peIncPeFileSize -- increments / sets file size - peSetPeEntryPoint -- set new Entry Point of the PE - peAddSection -- adds a new section into the PE I hope you will enjoy it and help you make your work easier and faster. If I notice interest I'll definitely improve it and start supporting it. It's up to you and your interest in it. Your comments will help me take this decision. Have fun!