mirror of
https://github.com/aljazceru/securedorg.github.io.git
synced 2025-12-21 16:04:20 +01:00
---
layout: default
permalink: /RE101/section3/
title: RE Tools
---
[Go Back to Reverse Engineering Malware 101](https://securedorg.github.io/RE101/)

# Section 3: Reverse Engineering (RE) Tools #

## Disassembler

* [IDA](https://www.hex-rays.com/products/ida/)
  * Free (Used in this workshop)
  * Pro
* [Radare](https://www.radare.org)
* [Capstone](http://www.capstone-engine.org/)

## Decompilers

* [Snowman](https://derevenets.com/)
* [dotPeek](https://www.jetbrains.com/decompiler/) .NET decompiler

## Debuggers

* [x64dbg](http://x64dbg.com/) (Used in this workshop)
* [Immunity](https://www.immunityinc.com/products/debugger/)
* [OllyDbg](http://www.ollydbg.de/) (Most Popular)
* [WinDbg](https://developer.microsoft.com/en-us/windows/hardware/windows-driver-kit)

## Information Gathering

* [CFF Explorer](http://www.ntcore.com/exsuite.php)
* [Sysinternals Suite](https://technet.microsoft.com/en-us/sysinternals/bb842062.aspx)
  * procmon
  * procexplorer
* [InetSim: Internet Services Simulation Suite](http://www.inetsim.org/downloads.html)
* [Yara: pattern matching rule engine](https://virustotal.github.io/yara/)
* [Wireshark](https://www.wireshark.org/download.html) - network sniffing
* [API Monitor](http://www.rohitab.com/downloads)

## Support

* [HxD Hex Editor](https://mh-nexus.de/en/hxd/)
* [Python](https://www.python.org/downloads/) - used for automating tasks

[Section 2 <- Back](https://securedorg.github.io/RE101/section2) | [Next -> Section 4](https://securedorg.github.io/RE101/section4)