Posts Tagged ‘Reverse-Engineering’

iRET – iOS Reverse Engineering Toolkit

iRET is an open source tool that you can use to analyze and evaluate iOS applications. The toolkit includes the following features: Binary Analysis, where you can check the binary encryption, the architecture of the application, and whether it has stack-smashing protection enabled; Keychain Analysis, to analyze the keychain contents, including passwords, keys, certificates [...]


McAfee FileInsight 2.1

McAfee FileInsight is a free hex editor for Windows. It includes all the standard features of a hex editor and has a convenient interface for editing files in hex and text. It can read the structure of EXE files and organize them by entry, section, and import table with a list of imported functions, and displays it in [...]


Process Hacker 2.32 – Utility to manage Windows processes and services

Process Hacker is one of the leading tools for manipulating processes and services, which is important for monitoring changes when you are investigating malicious code. You will need this tool in your sandbox to identify any new process created while the malicious code executes. The utility provides detailed debugging information for the selected process, [...]


PE-bear Portable Executable reversing tool

PE-bear is a project that can be used for reversing malware. The tool provides a very useful interface for comparing two portable executable files and seeing the differences. Some of the features are: views multiple files in parallel; recognizes known packers (by signatures); fast disassembler, starting from any chosen RVA/file offset; visualization of sections [...]


Malwasm – Offline malware debugging tool

Malwasm is another project designed to assist in reverse engineering. It is based on Cuckoo Sandbox, a popular open source tool for automating malware analysis, and PIN, a binary instrumentation tool. The algorithm works as follows: 1. The malware analysis is run in Cuckoo Sandbox. 2. During the execution all actions are [...]


CrowdInspect Malware Forensic Program

Forensic tools are important for analyzing the DLLs and processes running on an operating system, and there are free programs to consider, such as CrowdInspect. CrowdInspect is a free tool for Microsoft Windows systems that helps to detect any suspicious connection created with an external network. The tool helps the investigator to list processes and what is [...]


oSpy – Utility for Sniffing Local Application Calls

Applications running on a local system hold a lot of important information, such as login passwords and other sensitive credentials, and it is possible for an attacker to obtain all these details by reversing the software while it is running on the system. Some programs use encryption, but you can still use oSpy to receive API [...]
