Tag Archives: Reverse-Engineering

Smalisca – Static Code Analysis for Smali files

Studying the application and learning more about what it is really doing on the system is very important. Android applications are similar to any other application that may include suspicious and malicious software. If you are looking to investigate this

PortEx- Java Library for Static Analysis of PE File

PortEX

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. some of the features are:

iRET – iOS Reverse Engineering Toolkit

iRET is an open source tool that you can use to analyze and evaluate iOS applications. The toolkit includes the following features: Binary Analysis where you can check the binary encryption , architecture of the application and if it has

McAfee FileInsight 2.1

FileInsight McAfee – free HEX- editor for Windows. Includes all the standard features HEX- editor . It has convenient interface for editing files in hex ​​and text. Able to read the structure of exe- files and organize them by entry

Process Hacker 2.32 – Utility to manage Windows process and services

Process hacker is one of the leading tool for manipulating processes and services, this is important for monitoring the changes when you are investigating a malicious code. you will need this tool in your sandbox to identify any new process

PE-bear Portable Executable reversing tool

PE-bear is a project that can be used for reversing malwares, the tool provides a very useful interface to compare two portable executable files and see the difference. Some of the features are: views multiple files in parallel recognizes known

Malwasm – Offline malware debugging tool

Malwasm is another project that is designed to assist in reverse engineering. It is based on Cuckoo Sandbox a popular open source tool for automating malware analyses and PIN a binary instrumentation tool. The algorithm works as follows: 1. Malware