386
edits
Changes
Jump to navigation
Jump to search
m
All To reverse or decompile binaries generated by IronPython, which compiles Python code into Common Intermediate Language (CIL) targeting the software Common Language Infrastructure (CLI), you need should use decompilation tools designed for working with managed assemblies rather than traditional Python bytecode. Disassemblers, decompilers, debuggers and toolkitstools.
add NexusBV v03
*[https://astrogrep.sourceforge.net/ AstroGrep] - is a Microsoft Windows grep utility. Grep is a UNIX command-line program which searches within files for keywords. AstroGrep supports regular expressions, versatile printing options, stores most recently used paths and has a "context" feature which is very nice for looking at source code.
====Comparison Tools (Binary differences)====
*[https://github.com/joxeankoret/diaphora Diaphora] - is the most advanced Free and Open Source program diffing tool.
*[https://github.com/google/bindiff BinDiff] - is an open-source comparison tool for binary files to quickly find differences and similarities in disassembled code.
*[https://github.com/clearbluejar/ghidriff Ghidriff] - is a command-line binary diffing tool that uses Ghidra to identify differences between two binaries.
*[https://github.com/quarkslab/qbindiff QBinDiff] - is an experimental binary diffing tool addressing the diffing as a Network Alignement Quadratic Problem.
*[https://book.rada.re/tools/radiff2/binary_diffing.html radiff2] - is a binary diffing utility that is part of the radare2 framework.
*[https://github.com/bmaia/binwally binwally] - is a binary and directory tree comparison tool using Fuzzy Hashing concept (ssdeep).
====IAT Reconstructors (Windows)====
====Virtualization technology (host isolation) or sandboxes====
*[https://githubwww.vmware.com/firecracker-microvm/firecracker FirecrackerVMware] - is an open source a virtualization technology that is purpose-built for creating and managing securecloud computing software provider based in Palo Alto, multi-tenant container and function-based services that provide serverless operational modelsCalif.
*[https://www.redhatvirtualbox.comorg/en/technologies/cloudOracle VM VirtualBox] -computing/openshiftis a powerful x86 and AMD64/Intel64 virtualization Red Hat OpenShift Virtualization] - Red Hat® OpenShift® Virtualizationproduct for enterprise as well as home use. Not only is VirtualBox an extremely feature rich, high performance product for enterprise customers, a feature it is also the only professional solution that is freely available as Open Source Software under the terms of Red Hat OpenShift, allows IT teams to run virtual machines alongside containers on the same platform, simplifying management and improving time to productionGNU General Public License (GPL) version 3.
*[https://xenprojectlinux-kvm.org/ Xen Projectpage/Main_Page KVM (for Kernel-based Virtual Machine)] - The Xen Project focuses is a full virtualization solution for Linux on revolutionizing x86 hardware containing virtualization by providing extensions (Intel VT or AMD-V). It consists of a versatile and powerful hypervisor loadable kernel module, kvm.ko, that addresses provides the evolving needs of diverse industriescore virtualization infrastructure and a processor specific module, kvm-intel.ko or kvm-amd.ko.
*[https://githubwww.comqemu.org/sandboxie-plus/Sandboxie SandboxieQEMU] - is a sandbox-based isolation software for 32-bit A generic and open source machine emulator and 64-bit Windows NT-based operating systems. It creates a sandbox-like isolated operating environment in which applications can be run or installed without permanently modifying local & mapped drives or the Windows registryvirtualizer.
*[https://githubwww.proxmox.com/kpcyrden/boxxyproxmox-rs boxxyvirtual-rsenvironment/overview Proxmox] - is a linkable sandbox explorercomplete, open-source server management platform for enterprise virtualization. "If you implement boundaries It tightly integrates the KVM hypervisor and nobody is around to push themLinux Containers (LXC), do they even exist?". Have you ever wondered how your sandbox looks like from the inside? Tempted to test if you can escape itsoftware-defined storage and networking functionality, if only you had on a shell to give it a try?single platform.
*[https://www.virtualboxredhat.orgcom/ Oracle VM VirtualBoxen/technologies/cloud-computing/openshift/virtualization Red Hat OpenShift Virtualization] - is Red Hat® OpenShift® Virtualization, a powerful x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. Not only is VirtualBox an extremely feature richof Red Hat OpenShift, high performance product for enterprise customersallows IT teams to run virtual machines alongside containers on the same platform, it is also the only professional solution that is freely available as Open Source Software under the terms of the GNU General Public License (GPL) version 3simplifying management and improving time to production.
*[https://wwwxenproject.vmware.comorg/ VMwareXen Project] - is The Xen Project focuses on revolutionizing virtualization by providing a virtualization versatile and cloud computing software provider based in Palo Alto, Califpowerful hypervisor that addresses the evolving needs of diverse industries.
*[https://wwwgithub.qemu.orgcom/firecracker-microvm/ QEMUfirecracker Firecracker] - A generic and is an open source machine emulator virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and virtualizerfunction-based services that provide serverless operational models.
*[https://linux-kvmgithub.orgcom/pagesandboxie-plus/Main_Page KVM (for Kernel-based Virtual Machine)Sandboxie Sandboxie] - is a full virtualization solution sandbox-based isolation software for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD32-bit and 64-bit Windows NT-V)based operating systems. It consists of a loadable kernel module, kvm.ko, that provides the core virtualization infrastructure and creates a processor specific module, kvmsandbox-intel.ko like isolated operating environment in which applications can be run or installed without permanently modifying local & mapped drives or kvm-amd.kothe Windows registry.
*[https://www.proxmoxgithub.com/enkpcyrd/proxmoxboxxy-virtualrs boxxy-environment/overview Proxmoxrs] - is a completelinkable sandbox explorer. "If you implement boundaries and nobody is around to push them, open-source server management platform for enterprise virtualizationdo they even exist?". It tightly integrates Have you ever wondered how your sandbox looks like from the KVM hypervisor and Linux Containers (LXC)inside? Tempted to test if you can escape it, software-defined storage and networking functionality, on if only you had a shell to give it a single platform.try?
----
:::*[https://github.com/AllsafeCyberSecurity/awesome-ghidra Scripts/Plugins/Extension] - A curated list of awesome Ghidra materials.
:::*[https://github.com/grayhatacademy/ghidra_scripts Arm & MIPS scripts] - ARM & MIPS ROP finder, Call Chain, Codatify, Fluorescence, Function Profiler, Leaf Blower, Local Cross Reference, and more.
:::*[https://github.com/DSecurity/efiSeek efiSeek] - is a tool that aids in identifying and analyzing EFI (Extensible Firmware Interface) binaries by locating key EFI structures and metadata within firmware images.
:::*Qt Framework
::::*[https://github.com/diommsantos/QtREAnalyzer/ QtREAnalyzer] - is a extension to reverse-engineer Qt binaries. Works only with Run-Time Type Information (RTTI) enabled & compiled with MSVC.
*[https://github.com/lornix/fenris fenris] - is a program execution path analysis tool suitable for black-box code audits and algorithm analysis. It's useful for tracking down bugs and evaluating security subsystems.
====Debuggers / Disassemblers / Decompilers for '''managed''' binaries====
=====.NET (CLR)=====
======.NET tracers======
::*[https://web.archive.org/web/20150515023954/http://www.reteam.org/board/showthread.php?t=939 dotNET Tracer 2.0 by Kurapika] - is a simple tool that has a similar functionality to RegMon or FileMon but it's designed to trace events in .NET assemblies in runtime. [[Media:KDT2.0.zip]] [https://www.virustotal.com/gui/file/d29afcc5115c28f9892f7a6d249423374ad77ac86f69b316665c347982975d02 VT1] [https://www.virustotal.com/gui/file/04cd51dbbc3d2b4fe4a721e4ad0c2f3012fe0f409dc902b430207ea25561ff8c VT2] (thermida packed), pw: recessim.com
::*[https://github.com/smourier/TraceSpy TraceSpy] - is a open source and free, alternative to the very popular SysInternals DebugView tool.
:*[https://github.com/GraxCode/threadtear Threadtear] - is a multifunctional deobfuscation tool for java, ZKM and Stringer support, Android support is in development.
:*[https://github.com/narumii/Deobfuscator Another Deobfuscator] - Some deobfuscator for java. Supports superblaubeere27 / JObf / sb27, Paramorphism 2.1.2_9, Caesium, Monsey, Skid/qProtect, Scuti, CheatBreaker, Bozar, ...
======JAVA decompilers (platform independent)======
:*[https://github.com/fesh0r/fernflower Fernflower] - is a powerful open-source Java decompiler that reconstructs readable Java source code from compiled bytecode, widely used and integrated into IntelliJ IDEA.
====Debuggers / Disassemblers for '''unmanaged''' binaries====
====Bytecode Decompilers====
=====React Native Hermes bytecode=====
If you plan on looking inside a compiled React Native Asset for doing a security audit, these tools come in handy.
=====Python=====
:*[https://github.com/rocky/python-uncompyle6 uncompyle6] - is a native Python cross-version decompiler and fragment decompiler. The successor to decompyle, uncompyle, and uncompyle2.
:*[https://github.com/zrax/pycdc pycdc] - is a C++ python bytecode disassembler and decompiler.
::*[https://github.com/direstraits96/BIOS-MOD-TOOLS/blob/main/AMI/AMIBCP/AMIBCP_5.02.0031.exe AMIBCP_5.02.0031] [https://www.virustotal.com/gui/file/c7ade67fe0e8f4c22f73ce3168ff6e718086f1eda83cce4c065b4fe49bd5ad99 VT link]
::*[https://github.com/direstraits96/BIOS-MOD-TOOLS/blob/main/AMI/AMIBCP/AMIBCP%205.02.0034.exe AMIBCP 5.02.0034] [https://www.virustotal.com/gui/file/7fe28fb8a7419c95fba428891e5b3914d9e2b365a5a8932da74db52a1c1dabd8 VT link]
::*[https://github.com/datasone/grub-mod-setup_var grub-mod-setup_var] - a modified grub allowing tweaking hidden BIOS settings. Does not work with newer (2012 & >>) InsydeH2o because of SMM protection or variable locking.
::*[https://github.com/JamesAmiTw/ru-uefi RU.EFI] - is a UEFI app that allows users to examine and modify UEFI variables within a system's BIOS while the system is running. It's essentially a tool for interacting with and altering firmware settings, and is often used for tasks like unlocking hidden BIOS settings or debugging firmware-related issues. Crashes on newer (2012 & >>) InsydeH2o upon loading from EFI shell possibly because of violating BIOS runtime security policies.
=====BIOS (legacy)=====
:::'''Award'''
:::*[https://github.com/direstraits96/BIOS-MOD-TOOLS/tree/main/Award_Bios_Editor Award Bios Editor] - is a editor for Award bios.
:::'''InsydeInsydeH2O'''
:::*[https://github.com/direstraits96/BIOS-MOD-TOOLS/blob/main/Insyde/H2OEZE/x86/H2OEZE_x86_WIN_100.00.02.13.zip H2OEZE_x86_WIN_100.00.02.13] - H2OEZE™: Easy BIOS Editor that helps edit binaries in the BIOS, including Option ROMs, driver binaries, logos, and Setup values. [https://www.virustotal.com/gui/file/9660f1bf9436b258ec5ad857a94fbd0ec1f8fbff8ab22ca1dfcfb5ebbdcedf08 VT link]
:::*[https://github.com/direstraits96/BIOS-MOD-TOOLS/blob/main/Insyde/H2OEZE/x86/H2OEZE_x86_WIN_100.00.03.04.zip H2OEZE_x86_WIN_100.00.03.04] [https://www.virustotal.com/gui/file/2a1005803da854693502093445906eb2cccb24947d6828bc1533ba3603c73b0a VT link]
:::*[https://github.com/direstraits96/BIOS-MOD-TOOLS/blob/main/Insyde/H2OEZE/x64/H2OEZE_x64_WIN_100.00.03.04.rar H2OEZE_x64_WIN_100.00.03.04] [https://www.virustotal.com/gui/file/20d2d0336d30afd0b1961eb42dc061ce66a6fcfbfba1530e7abd9be883dcb45c VT link]
:::'''Phoenix'''
:::*[[Media:PhoenixBiosEditor2.2.13.zip]] (pw: recessim.com [https://www.virustotal.com/gui/file/3abf75ea7386f3dc24156bf6175a940867b8c742246cb8bf257fe5fc0b1cf9b5 VT link]) - is a software tool used to view and modify the settings and structure of Phoenix BIOS firmware images dating from between 2004 and 2008.
:Download all* the above tools in one archive, [https://github.com/direstraits96/BIOS-MOD-TOOLS/archive/refs/heads/main.zip click here]. [https://www.virustotal.com/gui/file/d8a75883ca8d292adcf40e5ed88584579b1c0c69f6ad5837fc56747233c56f9c VT link]
:Download all::'''Tool collections''':::* tools in one archive, [httpshttp://githubxdel.comru/direstraits96downloads/BIOSbios-MODmods.com-TOOLStools/archive/refs/heads/mainbios-mods.zip click herecom tools (2016)]- is a collection of bios modifying and flashing tools. [https://www.virustotal.com/gui/file/d8a75883ca8d292adcf40e5ed88584579b1c0c69f6ad5837fc56747233c56f9c VT link]
:::'''Microcode Extraction Tool'''
:::*[https://github.com/platomav/MCExtractor MCExtractor] - is a tool which parses Intel, AMD, VIA and Freescale processor microcode binaries. It can be used by end-users who are looking for all relevant microcode information such as CPUID, Platform, Version, Date, Release, Size, Checksum etc.
:Bios password resetting
::*[https://archive.org/details/hp-bios-reset-mazzif HP BIOS Password Reset by MAZZIF] [https://www.virustotal.com/gui/file/9ddd094edc286f2cb8d63158d226986d9a0c184ca450580dfaf9754005df9d41 VT link] - A live USB tool made by Mazzif to reset older HP Probook and Elitebook BIOS passwords.
::*[[Media:Fujitsu bios unlock.zip|pwgen-fsi-6x4dec.py]] [https://www.virustotal.com/gui/file/3a43ba7c88f1f10576728ea291b3097c048f842eee30dda3121280c049c61b8a/community VT link] pwgen-fsi-6x4dec.py - is a python command-line utility for generating master unlock password for older Fujitsu notebooks. Tested on: E557, FH570, Q616, U728, T731, E734, U745, S752, E756
::*[https://github.com/dogbert/bios-pwgen/tree/master bios-pwgen] - BIOS Master Password Generators for older laptops [http://dogber1.blogspot.com/2009/05/table-of-reverse-engineered-bios.html blogpost] (dell, asus, fsi6x4, fxi-hex hpmini, insyde, samsung, sony-4x4, sony-serial).
::*[[Media:AMITSEDecrypt.zip]] [https://www.virustotal.com/gui/file/2b03ef2292863bd94dc6ce0f10412f27ec5abf95f1e3aca2d34dd3712fd45d12 VT link] - AMI supervisor password decoder called "AMITSEDecrypt" to decode them with the XOR key. Works on older AMI firmware images is able to recover supervisor password if set.
::*[https://bios-pw.org/ BIOS Master Password Generator (bios-pw.org)] - is a website that provides default or master BIOS unlock passwords for various laptop brands based on the system-generated hash or code displayed after too many failed BIOS password attempts.
*[https://www.cadence.com/ko_KR/home/tools/allegro-downloads-start.html Allegro®/OrCAD® FREE Physical Viewer] - is a free download that allows you to view and plot databases from Allegro PCB Editor, OrCAD PCB Editor, Allegro Package Designer, and Allegro PCB SI technology.
*[https://t.me/c/2215146324/12151 NexusBV v03] - is a excellent boardviewer that shows all traces like Allegro but with the ease of FlexBV / OpenBoardView and a simlair GUI like BoardViewer. Direct download: [[File:NexusBV v03.zip]] [https://www.virustotal.com/gui/file/54753f73574b710d297cea99796183001c1d1790f8500fc16bfbb8b70b6d51ab/community VT]
*[http://boardviewer.net/ BoardViewer] - is software intended for viewing various boardview file types like .tvw files and much more supported formats.
*[https://github.com/JFreegman/toxic Toxic] - is a Tox-based P2P messenger that provides end-to-end encrypted communications without the use of centralized servers. It supports text messaging, file sharing, 1-on-1 voice and video calls, private audio conferences, public and private text group chats.
*[https://www.jabber.org/ Jabber] - is a original messaging service based on [https://xmpp.org/ XMPP] and has been continuously offered for free since 1999.
::XMPP clients& extensions
:::*[https://xmpp.org/software/ XMPP client list] - is a list of XMPP clients composed by XMPP itself.
:::*[https://otr.cypherpunks.ca/ Off-the-Record Messaging (OTR) for XMPP] - is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of AES symmetric-key algorithm with 128 bits key length, the Diffie–Hellman key exchange with 1536 bits group size, and the SHA-1 hash function.
:::*[https://omemo.im/ OMEMO.IM] is a free, secure XMPP-based chat client available for Android and Windows that utilizes the OMEMO (Multi-End Message and Object) end-to-end encryption protocol.
:::*[https://xmpp.org/extensions/xep-0384.html XEP-0384: OMEMO Encryption] defines an end-to-end encryption protocol for XMPP messaging that uses double-ratchet and key-exchange techniques to securely encrypt one-to-one and group chats across multiple devices.
*[https://getsession.org/ Session] - Session is an end-to-end encrypted messenger that minimises sensitive metadata, designed and built for people who want absolute privacy and freedom from any form of surveillance.
*[https://github.com/briar Briar] - is a messaging app designed for activists, journalists, and anyone else who needs a safe, easy and robust way to communicate. Unlike traditional messaging apps, Briar doesn't rely on a central server - messages are synchronized directly between the users' devices.
*[https://streamlabs.com/ StreamLabs] - is free live streaming and recording software for Twitch, YouTube, and more for Windows or Mac.
====Search engine (self-hosted & open-source)====*[https://github.com/searxng/searxng SearXNG] - is a free and open-source metasearch engine that prioritizes user privacy. It works by aggregating results from various search engines, such as Google, Bing, and DuckDuckGo, without tracking or profiling users. Essentially, it acts as a privacy-respecting proxy for your searches. *[https://github.com/neon-mmd/websurfx websurfx] - is a free and open-source metasearch engine written in Rust, designed to provide a fast, secure, and privacy-respecting alternative to search engines like SearX. It aggregates results from other search engines without displaying ads, focusing on speed, security, and user privacy. *[https://github.com/mwmbl/mwmbl Mwmbl] - is a non-profit, open source search engine where the community determines the rankings. We aim to be a replacement for commercial search engines such as Google and Bing. *[https://github.com/yacy/yacy_search_server YaCy] - is a free, open-source, peer-to-peer (P2P) search engine that operates without a central authority. It differs from traditional search engines by allowing users to create their own local or global indexes and share them with other users, creating a decentralized network. ====Social Network / Fediverse (self-hosted & open-source)====
*[https://joinmastodon.org/ Mastodon] - is a free and open-source software for running self-hosted social networking services. It has microblogging features similar to Twitter, which are offered by a large number of independently run nodes, known as instances or servers, each with its own code of conduct, terms of service, privacy policy, privacy options, and content moderation policies. [https://github.com/mastodon/mastodon Github repo].
*[https://github.com/pixelfed/pixelfed PixelFed] - is a decentralized, open-source social media platform focused on photo and video sharing, designed as an alternative to Instagram. It utilizes the ActivityPub protocol, allowing users to interact with accounts on other Pixelfed servers as if they were on the same platform.
*[https://github.com/movim/movim Movim] - is a federated blogging and chat platform that acts as a web frontend for the XMPP protocol.
*[https://github.com/emilebosch/awesome-fediverse Big fediverse list] - is a curated list of more decentralized social networks.
====Privacy-focused Software Directory====
*[https://prism-break.org/ prism-break.org] - is a website that provides a curated list of free and open-source software (FOSS) alternatives to proprietary, surveillance-prone services. It aims to help users opt out of global data surveillance programs—like PRISM, XKeyscore, and Tempora—by promoting privacy-respecting technology for operating systems, browsers, and communication tools.
==Education==
:[[:Literature|See the literature wiki page for all the resources.]]
