*[https://astrogrep.sourceforge.net/ AstroGrep] - is a Microsoft Windows grep utility. Grep is a UNIX command-line program which searches within files for keywords. AstroGrep supports regular expressions, versatile printing options, stores most recently used paths and has a "context" feature which is very nice for looking at source code.
====Comparison Tools (Binary differences)====
*[https://github.com/joxeankoret/diaphora Diaphora] - is the most advanced Free and Open Source program diffing tool.
*[https://github.com/google/bindiff BinDiff] - is an open-source comparison tool for binary files to quickly find differences and similarities in disassembled code.
*[https://github.com/clearbluejar/ghidriff Ghidriff] - is a command-line binary diffing tool that uses Ghidra to identify differences between two binaries.
*[https://github.com/quarkslab/qbindiff QBinDiff] - is an experimental binary diffing tool that treats diffing as a Network Alignment Quadratic Problem.
*[https://book.rada.re/tools/radiff2/binary_diffing.html radiff2] - is a binary diffing utility that is part of the radare2 framework.
*[https://github.com/bmaia/binwally binwally] - is a binary and directory tree comparison tool using the fuzzy hashing concept (ssdeep).
====IAT Reconstructors (Windows)====
*[https://github.com/x64dbg/Scylla NtQuery Scylla] - is an open-source Windows Portable Executable imports reconstructor and part of x64dbg.
====Process Monitors (Windows)====
*[https://github.com/winsiderss/systeminformer/ System Informer] - is a free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
*[https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer Process Explorer (by Microsoft Sysinternals)] - is an advanced system monitoring tool by Microsoft Sysinternals that provides detailed real-time information about running processes, including their dependencies, resource usage, and open handles or DLLs.
*[https://docs.microsoft.com/en-us/sysinternals/downloads/procmon Process Monitor (by Microsoft Sysinternals)] - is a real-time monitoring tool by Microsoft Sysinternals that captures and displays detailed system activity related to file system, registry, process, and thread operations for advanced troubleshooting and diagnostics.
====Process Dumpers (Windows)====
*[https://github.com/jmk-foofus/medusa Medusa] - is a speedy, parallel, and modular, login brute-forcer.
*[https://github.com/lanjelot/patator Patator] - is a multi-purpose brute-forcer with a modular design and flexible usage. It also supports various offline brute-force methods such as unzip_pass, keystore_pass and umbraco_crack.
====Virtualization technology (host isolation) or sandboxes====
----
====Dynamic & Static Analysis (mostly '''unmanaged''' binaries)====
=====Interactive Disassemblers ('''static analysis''')=====
*[https://binary.ninja/ Binary Ninja] - reverse-engineering platform that can disassemble a binary and display the disassembly in linear or graph views.
:::*[https://github.com/AllsafeCyberSecurity/awesome-ghidra Scripts/Plugins/Extension] - A curated list of awesome Ghidra materials.
:::*[https://github.com/grayhatacademy/ghidra_scripts Arm & MIPS scripts] - ARM & MIPS ROP finder, Call Chain, Codatify, Fluorescence, Function Profiler, Leaf Blower, Local Cross Reference, and more.
:::*[https://github.com/DSecurity/efiSeek efiSeek] - is a tool that aids in identifying and analyzing EFI (Extensible Firmware Interface) binaries by locating key EFI structures and metadata within firmware images.
:::*Qt Framework
::::*[https://github.com/diommsantos/QtREAnalyzer/ QtREAnalyzer] - is an extension to reverse-engineer Qt binaries. Works only with binaries that have Run-Time Type Information (RTTI) enabled and were compiled with MSVC.
*[https://github.com/capstone-engine/capstone Capstone] - is a disassembly/disassembler framework for ARM, ARM64 (ARMv8), BPF, Ethereum VM, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.
=====Active Disassemblers or Debuggers ('''dynamic analysis''')=====
*[https://github.com/vivisect/vivisect Vivisect] - Vivisect binary analysis framework. Includes Disassembler, Debugger, Emulation and Symbolik analysis engines. Includes built-in Server and Shared-Workspace functionality. Runs interactive or headless, programmable, extensible, multi-processor disassembler hosted on Windows, Linux, or Mac OS X (Pure-Python, using ctypes to access underlying OS debug mechanism). Supports RevSync via plugin, allowing basic collaboration with Binja, Ghidra, and IDA. Criticisms (from a core dev): "Graph View could use some work, slower than Binja and IDA (due to Python), documentation like an OpenSource Project... but we keep working to make it better. PR's and suggestions welcome." Best installed via Pip: <code>python3 -m pip install vivisect</code>
*[https://github.com/lornix/fenris fenris] - is a program execution path analysis tool suitable for black-box code audits and algorithm analysis. It's useful for tracking down bugs and evaluating security subsystems.
====Debuggers / Disassemblers / Decompilers for '''managed''' binaries====
=====.NET (CLR)=====
:*[https://github.com/narumii/Deobfuscator Another Deobfuscator] - is a deobfuscator for Java. Supports superblaubeere27 / JObf / sb27, Paramorphism 2.1.2_9, Caesium, Monsey, Skid/qProtect, Scuti, CheatBreaker, Bozar, ...
======JAVA decompilers (platform independent)======
:*[https://github.com/fesh0r/fernflower Fernflower] - is a powerful open-source Java decompiler that reconstructs readable Java source code from compiled bytecode, widely used and integrated into IntelliJ IDEA.
====Debuggers / Disassemblers for '''unmanaged''' binaries====
=====AutoIt=====
AutoIt decompilers, extractors, or anything else related to reverse engineering AutoIt binaries.
:*[https://github.com/JacobPimental/exe2aut exe2aut] - is a tool that converts executable (.exe) files into AutoIt script (.aut) source code, attempting to reverse-engineer compiled AutoIt programs.
:*[https://github.com/nazywam/AutoIt-Ripper AutoIt-Ripper] - is a short Python script that allows for extraction of "compiled" AutoIt scripts from PE executables.
=====VB6=====
Early .NET applications compile to native code and p-code, meaning there is no easy way to decompile them as there is with newer .NET Framework executables.
:*[https://www.vb-decompiler.org/ VB Decompiler Pro] - is a commercial software tool that decompiles and analyzes programs written in Visual Basic 5.0/6.0 and also .NET for reverse engineering and code recovery purposes.
====Bytecode Decompilers====
=====React Native Hermes bytecode=====
If you plan on looking inside a compiled React Native Asset for doing a security audit, these tools come in handy.
:*[https://github.com/bongtrop/hbctool hbctool] - Hermes Bytecode Reverse Engineering Tool (Assemble/Disassemble Hermes Bytecode).
=====Python=====
To reverse or decompile binaries generated by IronPython, which compiles Python code into Common Intermediate Language (CIL) targeting the Common Language Infrastructure (CLI), you should use decompilation tools designed for working with managed assemblies rather than traditional Python bytecode. Disassemblers, decompilers, debuggers and tools.
:*[https://github.com/rocky/python-uncompyle6 uncompyle6] - is a native Python cross-version decompiler and fragment decompiler. The successor to decompyle, uncompyle, and uncompyle2.
:*[https://github.com/zrax/pycdc pycdc] - is a C++ python bytecode disassembler and decompiler.
:*[https://github.com/snare/voltron Voltron] - is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB and WinDbg) by enabling the attachment of utility views that can retrieve and display data from the debugger host.
=====Lua=====
:*[https://github.com/scratchminer/unluac unluac] - is a decompiler that converts compiled Lua 5.1 bytecode files (.luac) back into readable Lua source code.
----
*[https://github.com/rapid7/metasploit-framework Metasploit Framework] - is a Ruby-based, modular penetration testing platform that enables you to write, test, and execute exploit code.
*[https://github.com/BC-SECURITY/Empire Empire] - is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
*[https://github.com/Arachni/arachni Arachni] - is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.
::*[https://portswigger.net/burp Burp Suite] - is a proxy tool which helps to view, interact with and modify web requests. Test, find, and exploit vulnerabilities faster with a complete suite of security testing tools.
::*[https://www.httpdebugger.com/ HTTP Debugger Pro] - is a network traffic analyzer tool that captures, displays, and analyzes HTTP and HTTPS traffic between a web browser or application and the internet for debugging and testing purposes.
::*[https://github.com/httptoolkit HTTP Toolkit] - is a beautiful, cross-platform & open-source HTTP(S) debugging proxy, analyzer & client, with built-in support for modern tools from Docker to Android to GraphQL.
::*[https://github.com/direstraits96/BIOS-MOD-TOOLS/blob/main/AMI/AMIBCP/AMIBCP_5.02.0031.exe AMIBCP_5.02.0031] [https://www.virustotal.com/gui/file/c7ade67fe0e8f4c22f73ce3168ff6e718086f1eda83cce4c065b4fe49bd5ad99 VT link]
::*[https://github.com/direstraits96/BIOS-MOD-TOOLS/blob/main/AMI/AMIBCP/AMIBCP%205.02.0034.exe AMIBCP 5.02.0034] [https://www.virustotal.com/gui/file/7fe28fb8a7419c95fba428891e5b3914d9e2b365a5a8932da74db52a1c1dabd8 VT link]
::*[https://github.com/datasone/grub-mod-setup_var grub-mod-setup_var] - is a modified GRUB that allows tweaking hidden BIOS settings. Does not work with newer (2012 and later) InsydeH2O firmware because of SMM protection or variable locking.
::*[https://github.com/JamesAmiTw/ru-uefi RU.EFI] - is a UEFI app that allows users to examine and modify UEFI variables within a system's BIOS while the system is running. It's essentially a tool for interacting with and altering firmware settings, and is often used for tasks like unlocking hidden BIOS settings or debugging firmware-related issues. Crashes on newer (2012 and later) InsydeH2O firmware upon loading from the EFI shell, possibly because it violates BIOS runtime security policies.
=====BIOS (legacy)=====
:::'''Award'''
:::*[https://github.com/direstraits96/BIOS-MOD-TOOLS/tree/main/Award_Bios_Editor Award Bios Editor] - is an editor for Award BIOS.
:::'''InsydeH2O'''
:::*[https://github.com/direstraits96/BIOS-MOD-TOOLS/blob/main/Insyde/H2OEZE/x86/H2OEZE_x86_WIN_100.00.02.13.zip H2OEZE_x86_WIN_100.00.02.13] - H2OEZE™: Easy BIOS Editor that helps edit binaries in the BIOS, including Option ROMs, driver binaries, logos, and Setup values. [https://www.virustotal.com/gui/file/9660f1bf9436b258ec5ad857a94fbd0ec1f8fbff8ab22ca1dfcfb5ebbdcedf08 VT link]
:::*[https://github.com/direstraits96/BIOS-MOD-TOOLS/blob/main/Insyde/H2OEZE/x86/H2OEZE_x86_WIN_100.00.03.04.zip H2OEZE_x86_WIN_100.00.03.04] [https://www.virustotal.com/gui/file/2a1005803da854693502093445906eb2cccb24947d6828bc1533ba3603c73b0a VT link]
:::*[https://github.com/direstraits96/BIOS-MOD-TOOLS/blob/main/Insyde/H2OEZE/x64/H2OEZE_x64_WIN_100.00.03.04.rar H2OEZE_x64_WIN_100.00.03.04] [https://www.virustotal.com/gui/file/20d2d0336d30afd0b1961eb42dc061ce66a6fcfbfba1530e7abd9be883dcb45c VT link]
:::'''Phoenix'''
:::*[[Media:PhoenixBiosEditor2.2.13.zip]] (pw: recessim.com [https://www.virustotal.com/gui/file/3abf75ea7386f3dc24156bf6175a940867b8c742246cb8bf257fe5fc0b1cf9b5 VT link]) - is a software tool used to view and modify the settings and structure of Phoenix BIOS firmware images dating from between 2004 and 2008.
:Download all* the above tools in one archive, [https://github.com/direstraits96/BIOS-MOD-TOOLS/archive/refs/heads/main.zip click here]. [https://www.virustotal.com/gui/file/d8a75883ca8d292adcf40e5ed88584579b1c0c69f6ad5837fc56747233c56f9c VT link]
:::'''Tool collections'''
:::*[http://xdel.ru/downloads/bios-mods.com-tools/bios-mods.com tools (2016)] - is a collection of BIOS modifying and flashing tools. [https://www.virustotal.com/gui/file/d8a75883ca8d292adcf40e5ed88584579b1c0c69f6ad5837fc56747233c56f9c VT link]
:::'''Microcode Extraction Tool'''
:::*[https://github.com/platomav/MCExtractor MCExtractor] - is a tool which parses Intel, AMD, VIA and Freescale processor microcode binaries. It can be used by end-users who are looking for all relevant microcode information such as CPUID, Platform, Version, Date, Release, Size, Checksum etc.
:BIOS password resetting
::*[https://archive.org/details/hp-bios-reset-mazzif HP BIOS Password Reset by MAZZIF] [https://www.virustotal.com/gui/file/9ddd094edc286f2cb8d63158d226986d9a0c184ca450580dfaf9754005df9d41 VT link] - A live USB tool made by Mazzif to reset older HP Probook and Elitebook BIOS passwords.
::*[[Media:Fujitsu bios unlock.zip|pwgen-fsi-6x4dec.py]] [https://www.virustotal.com/gui/file/3a43ba7c88f1f10576728ea291b3097c048f842eee30dda3121280c049c61b8a/community VT link] - is a Python command-line utility for generating the master unlock password for older Fujitsu notebooks. Tested on: E557, FH570, Q616, U728, T731, E734, U745, S752, E756
::*[https://github.com/dogbert/bios-pwgen/tree/master bios-pwgen] - BIOS Master Password Generators for older laptops [http://dogber1.blogspot.com/2009/05/table-of-reverse-engineered-bios.html blogpost] (dell, asus, fsi6x4, fsi-hex, hpmini, insyde, samsung, sony-4x4, sony-serial).
::*[[Media:AMITSEDecrypt.zip]] [https://www.virustotal.com/gui/file/2b03ef2292863bd94dc6ce0f10412f27ec5abf95f1e3aca2d34dd3712fd45d12 VT link] - "AMITSEDecrypt" is an AMI supervisor password decoder that decodes passwords with the XOR key. It works on older AMI firmware images and can recover the supervisor password if one is set.
::*[https://bios-pw.org/ BIOS Master Password Generator (bios-pw.org)] - is a website that provides default or master BIOS unlock passwords for various laptop brands based on the system-generated hash or code displayed after too many failed BIOS password attempts.
======Privacy Operating System======
*[https://tails.net/ Tails] - is a portable operating system that protects against surveillance and censorship.
*[https://www.qubes-os.org/ Qubes OS] - is a security-focused operating system that uses virtualization to isolate applications and tasks into separate compartments (called qubes), protecting the system even if one part gets compromised.
*[https://www.whonix.org/ Whonix] - is a privacy-focused Linux distribution that routes all internet traffic through the Tor network using a two-part system of an isolated gateway and a workstation to provide strong anonymity and security.
======Windows 10 IoT LTSC======
:::*[https://github.com/yokoffing/Betterfox Betterfox] - Firefox speed, privacy, and security: a user.js template for configuration. Your favorite browser, but better.
:::*[https://github.com/gorhill/uBlock uBlock] - helps users neutralize privacy-invading ads; CPU and memory-efficient.
:::*[https://github.com/sereneblue/chameleon Chameleon] - is a WebExtension port of the popular Random Agent Spoofer. Spoofs a lot of client fingerprinting techniques and adds security.
:::*[https://github.com/EFForg/privacybadger Privacy Badger] - is a browser extension that automatically learns to block invisible trackers. PB is made by the leading digital rights nonprofit EFF to stop companies from spying on you.
*[https://www.torproject.org/ Tor Browser] - [[Wikipedia:Tor_(network)|Tor]] (The Onion Router) is a network that anonymizes web traffic to provide truly private web browsing. The Tor Browser hides your IP address and browsing activity by redirecting web traffic through a series of different routers known as nodes.
=====Chat Applications / Platforms=====
*[https://www.teamspeak.com/ TeamSpeak] - is a VoIP application for audio communication between users via a chat channel, similar to a video meeting. Cross-platform with military-grade security, lag-free performance, privacy and complete control.
*[https://github.com/RetroShare/RetroShare RetroShare] - is a Free and Open Source cross-platform, Friend-2-Friend and secure decentralised communication platform.
*[https://github.com/JFreegman/toxic Toxic] - is a Tox-based P2P messenger that provides end-to-end encrypted communications without the use of centralized servers. It supports text messaging, file sharing, 1-on-1 voice and video calls, private audio conferences, public and private text group chats.
*[https://www.jabber.org/ Jabber] - is the original messaging service based on [https://xmpp.org/ XMPP] and has been continuously offered for free since 1999.
::XMPP clients
*[https://streamlabs.com/ StreamLabs] - is free live streaming and recording software for Twitch, YouTube, and more for Windows or Mac.
====Search engine (self-hosted & open-source)====
*[https://github.com/searxng/searxng SearXNG] - is a free and open-source metasearch engine that prioritizes user privacy. It works by aggregating results from various search engines, such as Google, Bing, and DuckDuckGo, without tracking or profiling users. Essentially, it acts as a privacy-respecting proxy for your searches.
*[https://github.com/neon-mmd/websurfx websurfx] - is a free and open-source metasearch engine written in Rust, designed to provide a fast, secure, and privacy-respecting alternative to search engines like SearX. It aggregates results from other search engines without displaying ads, focusing on speed, security, and user privacy.
*[https://github.com/mwmbl/mwmbl Mwmbl] - is a non-profit, open source search engine where the community determines the rankings. We aim to be a replacement for commercial search engines such as Google and Bing.
*[https://github.com/yacy/yacy_search_server YaCy] - is a free, open-source, peer-to-peer (P2P) search engine that operates without a central authority. It differs from traditional search engines by allowing users to create their own local or global indexes and share them with other users, creating a decentralized network.
====Social Network / Fediverse (self-hosted & open-source)====
*[https://joinmastodon.org/ Mastodon] - is a free and open-source software for running self-hosted social networking services. It has microblogging features similar to Twitter, which are offered by a large number of independently run nodes, known as instances or servers, each with its own code of conduct, terms of service, privacy policy, privacy options, and content moderation policies. [https://github.com/mastodon/mastodon Github repo].
*[https://github.com/pixelfed/pixelfed PixelFed] - is a decentralized, open-source social media platform focused on photo and video sharing, designed as an alternative to Instagram. It utilizes the ActivityPub protocol, allowing users to interact with accounts on other Pixelfed servers as if they were on the same platform.
*[https://github.com/movim/movim Movim] - is a federated blogging and chat platform that acts as a web frontend for the XMPP protocol.
*[https://github.com/emilebosch/awesome-fediverse Big fediverse list] - is a curated list of more decentralized social networks.
==Education==
:[[:Literature|See the literature wiki page for all the resources.]]