x64dbg

Reverse Engineering Tool - x64dbg

x64dbg is an open-source debugger for Windows user-mode applications. It ships as two builds, x64dbg for 64-bit and x32dbg for 32-bit targets. Its interface lowers the entry barrier for newcomers without limiting experienced reverse engineers, which makes it a common choice for security researchers and malware analysts who need to see what a binary does at runtime rather than what its static code suggests.

Its debugging features cover software, hardware and memory breakpoints, a memory map with per-region protections, in-place patching of code and data, and run tracing, so the flow of execution can be followed and program behaviour altered while the target is running. x64dbg also exposes a plugin SDK and a built-in scripting language, which lets users automate repetitive work such as unpacking. This mix of accessibility and depth has made it a popular choice in the reverse engineering community for software analysis and security investigations.


Uncompyle

Reverse Engineering Tool - Uncompyle

Uncompyle (current releases are published as uncompyle6, the successor of uncompyle2) is a decompiler that turns Python bytecode back into Python source. Unlike general-purpose decompilers it targets Python only, which makes it the usual choice for developers, security researchers and forensic analysts who need to read or recover Python scripts from compiled .pyc files. This matters when the original source is lost, obfuscated or deliberately withheld: readable and usually runnable source can be reconstructed from the compiled form, and with it the logic, functionality and potential weaknesses of a Python-based application or script.

A key strength is its coverage of Python versions: uncompyle6 accepts bytecode from Python 1.x through 3.8, so it handles legacy code as well as applications built on a range of interpreter releases. Two practical caveats apply. First, the bytecode version is fixed by the magic number in the .pyc header, and a decompiler that does not support that version fails rather than guesses, so check the header before decompiling. Second, bytecode embedded in a larger package (a PyInstaller bundle, for example) has to be extracted first and may be missing its .pyc header, which must be restored before the decompiler will accept it. Uncompyle handles both standalone .pyc files and modules extracted this way. It is used in software debugging, malware analysis and forensic investigations where the inner workings of a Python script matter. Its output is generally close to the original source, but it is a reconstruction rather than a copy: comments and formatting are gone (local variable names survive in the bytecode), and the result should be verified by recompiling it and comparing the bytecode, which uncompyle6's verify option does. With that in mind, Uncompyle remains an essential tool for anyone working with Python bytecode in reverse engineering or forensic contexts.


Scylla x64-x86

Reconstructing Import Table with Scylla

Scylla x86/x64 is a tool for rebuilding the import table of a dumped process.

In malware analysis, dumping a packed sample once it reaches its original entry point (OEP) is not enough. The dump still carries the packer's own import table, often nothing more than LoadLibrary and GetProcAddress, while the real imports sit in an import address table (IAT) that the packer filled in at runtime. Scylla attaches to the running process, searches memory near the OEP for that IAT, resolves each slot to a module and export name, and writes a new import directory into the dumped file so that a disassembler or debugger can identify the imported functions. Without this step the dump either fails to load or shows every API call as a call through an anonymous pointer.

The project is hosted on GitHub.
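The IAT search and resolution step described above, as an added example in Python that is not Scylla's code: it scans a constructed memory image for the longest run of pointer-sized slots whose values resolve to known exports (with a null slot ending each module's entries, as in a real IAT), then groups the resolved slots by module the way a rebuilt import directory would. The export map and all addresses are invented for the example; in a real session the debugger supplies them from the export tables of the loaded modules.

```python
import struct

PTR_SIZE = 8  # x64 dump; use 4 for a 32-bit process

# Constructed export map: address -> (module, export). Addresses are invented;
# a debugger would build this table from every loaded module's export directory.
EXPORTS = {
    0x7FFA00011000: ("kernel32.dll", "LoadLibraryA"),
    0x7FFA00012000: ("kernel32.dll", "GetProcAddress"),
    0x7FFA00013000: ("kernel32.dll", "VirtualAlloc"),
    0x7FFA10021000: ("user32.dll", "MessageBoxA"),
    0x7FFA20031000: ("advapi32.dll", "RegOpenKeyExA"),
}


def slot(value):
    """One pointer-sized IAT slot, little-endian."""
    return struct.pack("<Q", value)


def build_sample_dump():
    """Constructed memory image: padding, then the IAT a packer filled at
    runtime (one null slot terminates each module's entries), then padding."""
    junk = b"\x90" * 0x40 + slot(0x4141414141414141)
    iat = (slot(0x7FFA00011000) + slot(0x7FFA00012000) + slot(0x7FFA00013000) + slot(0)
           + slot(0x7FFA10021000) + slot(0)
           + slot(0x7FFA20031000) + slot(0))
    tail = b"\x00" * 0x20 + b"\xCC" * 0x10
    return junk + iat + tail


def find_iat(dump, exports, ptr_size=PTR_SIZE):
    """Locate the longest run of slots that resolve to known exports, allowing
    a single null slot between modules. Returns (offset, size_in_bytes, slots),
    or (None, 0, []) if nothing resolves. offset is relative to the dump start;
    add the image base to turn it into an RVA for the rebuilt import directory."""
    fmt = "<Q" if ptr_size == 8 else "<I"
    nslots = len(dump) // ptr_size

    def read(index):
        return struct.unpack_from(fmt, dump, index * ptr_size)[0]

    best = (None, 0, [])
    i = 0
    while i < nslots:
        if read(i) not in exports:
            i += 1
            continue
        start, run = i, []
        while i < nslots:
            val = read(i)
            if val in exports:
                run.append(val)
            elif val == 0 and run[-1] != 0:  # run is non-empty: its first slot resolved
                run.append(0)
            else:
                break
            i += 1
        # Keep the run with the most resolved (non-null) entries.
        if sum(1 for v in run if v) > sum(1 for v in best[2] if v):
            best = (start * ptr_size, len(run) * ptr_size, run)
    return best


def resolve_imports(slots, exports):
    """Group resolved slots by module: a null slot or a change of module starts
    a new import descriptor, mirroring the layout of a rebuilt import table."""
    modules = []
    current = None
    for val in slots:
        if val == 0:
            current = None
            continue
        module, name = exports[val]
        if current is None or current[0] != module:
            current = (module, [])
            modules.append(current)
        current[1].append(name)
    return modules


if __name__ == "__main__":
    dump = build_sample_dump()
    offset, size, slots = find_iat(dump, EXPORTS)
    print(f"IAT at dump offset 0x{offset:x}, {size} bytes")
    for module, names in resolve_imports(slots, EXPORTS):
        print(f"{module}: {', '.join(names)}")
```

The heuristic is the same one a practitioner applies by hand: an IAT is a contiguous, pointer-aligned array whose every non-null entry points into a loaded module's export, so a run of such values near the OEP is almost certainly the table to rebuild. Forwarded exports and packer-redirected thunks are the usual reasons a real scan needs manual fix-ups afterwards.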

OllyDumpEx

Dumping process memory with OllyDumpEx

OllyDumpEx is a process memory dumper that plugs into OllyDbg and Immunity Debugger.

In malware analysis it is used once a packed sample has unpacked itself and execution has reached the original entry point (OEP): the process image is written to disk as a PE file with the entry point set to the OEP, so the dump contains the unpacked code instead of the packer stub that populated it. The import table of such a dump is still broken at this point and has to be rebuilt afterwards, for example with Scylla.

Immunity Debugger

Reverse Engineering with Immunity Debugger

Immunity Debugger is a 32-bit Windows debugger aimed at writing exploits, analysing malware and reverse engineering binaries. It pairs an OllyDbg-style user interface with function graphing, a heap analysis tool built around tracking heap allocations, and a large, well-supported Python 2 API that makes it easy to extend and script.

OllyDbg

OllyDbg Crash Course

OllyDbg is an x86 debugger that emphasizes binary code analysis, which is useful when source code is not available. It traces registers, recognizes procedures, API calls, switches, tables, constants and strings, as well as locates routines from object files and libraries.

source: https://en.wikipedia.org/wiki/OllyDbg

source: http://www.ollydbg.de/quickst.htm

IDA

Malware Static Code Analysis with IDA PRO

The Interactive Disassembler (IDA) is a disassembler for computer software which generates assembly language source code from machine-executable code. It supports a variety of executable formats for different processors and operating systems. It can also be used as a debugger for Windows PE, Mac OS X Mach-O and Linux ELF executables. A decompiler plug-in for programs compiled with a C/C++ compiler is available at extra cost.

IDA performs automatic code analysis, using cross-references between code sections, knowledge of parameters of API calls, and other information.

source: https://en.wikipedia.org/wiki/Interactive_Disassembler