PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks

The PlugX remote access trojan has been observed masquerading as an open source Windows debugger tool called x64dbg in an attempt to circumvent security protections and gain control of a target system. “This file is a legitimate open-source debugger tool for Windows that is generally used to examine kernel-mode and user-mode code, crash dumps, or […]

HyperDbg – The Source Code Of HyperDbg Debugger

HyperDbg is designed with a focus on using modern hardware technologies to provide new features to the reverse engineering world. It operates on top of Windows by virtualizing an already running system using Intel VT-x and Intel PT. This debugger aims not to use any APIs and software debugging mechanisms, but instead, it uses […]

hyperpwn: provide a flexible debugger UI for GEF and pwndbg

Hyperpwn is a Hyper plugin to improve the display when debugging with GDB. Hyperpwn needs GEF or pwndbg to be loaded in GDB as a backend. Hyperpwn takes the backend's context data, separates it into different windows for a clearer display, and can easily replay previous states. Use hyperpwn on GEF. Theme: hyper-chesterish. Use hyperpwn together with hyper-pane on pwndbg. Theme: hyper-material-theme. […]

EKFiddle v.0.8.2 – A Framework Based On The Fiddler Web Debugger To Study Exploit Kits, Malvertising And Malicious Traffic In General

A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. Installation: Download and install the latest version of Fiddler: https://www.telerik.com/fiddler Special instructions for Linux and Mac here: https://www.telerik.com/blogs/fiddler-for-linux-beta-is-here and https://www.telerik.com/blogs/introducing-fiddler-for-os-x-beta-1 Enable C# scripting (Windows only): Launch Fiddler, and go to Tools -> Options. In the Scripting tab, change the default (JScript.NET) […]

dnSpy v5.0 releases: .NET assembly editor, decompiler, and debugger

dnSpy is a tool to reverse engineer .NET assemblies. It includes a decompiler, a debugger and an assembly editor (and more) and can be easily extended by writing your own extension. It uses dnlib to read and write assemblies so it can handle obfuscated assemblies (e.g. malware) without crashing. Features: Open Source (GPLv3) and Free Forever (:TM:) […]

DbgShell – PowerShell Front-End for Windows Debugger Engine

The main impetus for DbgShell is that it’s just waaaay too hard to automate anything in the debugger. There are facilities today to assist in automating the debugger, of course. But in my opinion they are not meeting people’s needs. Using the built-in scripting language is arcane, limited, difficult to get right, and difficult to get help […]

dnSpy – .NET Debugger & Assembly Editor

Reverse Engineer .NET Assemblies: dnSpy is a tool to reverse engineer .NET assemblies. It includes a decompiler, a debugger and an assembly editor (and more) and can be easily extended by writing your own extension. It uses dnlib to read and write assemblies so it can handle obfuscated assemblies (e.g. malware) without crashing. Features […]