adding tool diagrams

This commit is contained in:
Amanda Rousseau
2017-03-20 18:27:34 -07:00
parent cf4acf031f
commit 8449ec515b
3 changed files with 32 additions and 12 deletions

images/CFFexplorer.gif (new binary file, 239 KiB)
images/procmon.png (new binary file, 143 KiB)

@@ -16,19 +16,16 @@ title: RE Tools
* [Radare](https://www.radare.org)
* [Capstone](http://www.capstone-engine.org/)
### IdaFree
---
**Visual Modes**
* **Graph Mode** - control flow diagram
* **Text Mode** - default view of disassembled code
**Command Cheatsheet**
Please refer to this [Ida cheatsheet](https://securedorg.github.io/idacheatsheet.html)
**Common Commands**
### Disassembler: IdaFree
* **Visual Modes**
* **Graph Mode** - control flow diagram
* **Text Mode** - default view of disassembled code
* **Command Cheatsheet**
* Please refer to this [Ida cheatsheet](https://securedorg.github.io/idacheatsheet.html)
* **Common Commands**
| Action | Command |
| --- | --- |
| Jump to xref to operand | X |
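Review bot: the bullets added under `### Disassembler: IdaFree` all sit at the same indentation, so `* **Graph Mode**`, `* **Text Mode**` and `* Please refer to this [Ida cheatsheet]...` render as siblings of `* **Visual Modes**` and `* **Command Cheatsheet**` instead of as their sub-items; indent the child lines, e.g. `  * **Graph Mode** - control flow diagram`. A blank line between `* **Common Commands**` and the `| Action | Command |` table would also be safer, since several Markdown renderers will not start a table directly after a list item.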
@@ -42,7 +39,9 @@ Please refer to this [Ida cheatsheet](https://securedorg.github.io/idacheatsheet
* [OllyDbg](http://www.ollydbg.de/) (Most Popular)
* [WinDbg](https://developer.microsoft.com/en-us/windows/hardware/windows-driver-kit)
### x64dbg
---
### Debugger: x64dbg
![alt text](https://securedorg.github.io/images/x64dbg.gif "x64dbg Layout")
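Review bot: heading levels are inconsistent across this commit: `### Debugger: x64dbg` (and `### Disassembler: IdaFree` in the previous hunk) stay at level three, while the new `## Information Gathering: CFF Explorer` and `## Information Gathering: Sysinternals Suite` sections use level two; pick one level for all "Category: Tool" headings so the page outline nests consistently.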
@@ -61,6 +60,8 @@ Please refer to this [Ida cheatsheet](https://securedorg.github.io/idacheatsheet
![alt text](https://securedorg.github.io/images/keyboarddbg.gif "Keyboad Layout")
---
## Decompilers
* [Snowman](https://derevenets.com/) (Integrated with x64dbg)
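Review bot: the image title on the `keyboarddbg.gif` line has a typo, `Keyboad Layout` should be `Keyboard Layout`; while here, the alt text `alt text` is a placeholder on every image in this file, and a short description such as `x64dbg keyboard shortcuts` would help readers who cannot load the images.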
@@ -78,6 +79,25 @@ Please refer to this [Ida cheatsheet](https://securedorg.github.io/idacheatsheet
* [Yara: pattern matching rule engine](https://virustotal.github.io/yara/)
* [Wireshark](https://www.wireshark.org/download.html) - network sniffing (Used in this worksop)
* [API Monitor](http://www.rohitab.com/downloads)
---
## Information Gathering: CFF Explorer
* Parses the PE headers
* Explores Resources
* Unpacks UPX
![alt text](https://securedorg.github.io/images/CFFexplorer.gif "CFF Explorer")
## Information Gathering: Sysinternals Suite
* advanced system utilities
* **Procmon** - Monitor processes running on the system
![alt text](https://securedorg.github.io/images/procmon.png "Procmon")
---
## Support
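Review bot: the new image lines point at the absolute URLs `https://securedorg.github.io/images/CFFexplorer.gif` and `https://securedorg.github.io/images/procmon.png` even though this commit adds the files as `images/CFFexplorer.gif` and `images/procmon.png`; a relative path (`![CFF Explorer](images/CFFexplorer.gif "CFF Explorer")`) keeps the diagrams working on forks, branches and local previews instead of depending on the deployed site. The line `* **Procmon** - Monitor processes running on the system` also understates the tool: Process Monitor records file system, registry and process/thread activity in real time, which is what makes it useful for information gathering, so something like `- monitors file system, registry and process/thread activity` would be more accurate. Minor: `worksop` on the Wireshark line should be `workshop`, and `* advanced system utilities` is the only lowercase bullet in the new section.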