4,941 bytes added ,  09:43, 28 November 2023
m
some stuff added
*[https://github.com/hasherezade/tiny_tracer tiny_tracer] - is a Pin tool for tracing API calls (including the parameters of selected functions), selected instructions (RDTSC, CPUID, INT), inline system calls (including the parameters of selected syscalls) and more.
 
====Virtualization technology (host isolation) or sandboxes====
 
*[https://github.com/firecracker-microvm/firecracker Firecracker] - is an open source virtualization technology (a minimal, KVM-based virtual machine monitor) purpose-built for creating and managing secure, multi-tenant container and function-based services with serverless operational models. Each workload runs in its own lightweight microVM with a deliberately small device model, so the host exposes far less emulation surface to the guest than a general-purpose VMM.
 
*[https://www.redhat.com/en/technologies/cloud-computing/openshift/virtualization Red Hat OpenShift Virtualization] - a feature of Red Hat OpenShift, built on KubeVirt, that lets IT teams run virtual machines alongside containers on the same Kubernetes platform, so VM-isolated workloads can be scheduled and managed with the same tooling as containers.
 
*[https://xenproject.org/ Xen Project] - develops the Xen hypervisor, a type-1 (bare-metal) hypervisor used for server virtualization, embedded systems and security-focused desktops such as Qubes OS, which relies on it to isolate workloads in separate VMs.
 
*[https://github.com/sandboxie-plus/Sandboxie Sandboxie] - is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. It creates a sandbox-like isolated operating environment in which applications can be run or installed without permanently modifying local and mapped drives or the Windows registry. Unlike the hypervisors in this list it is an OS-level (kernel-driver) sandbox, not a hardware-enforced boundary, so treat it as a containment aid rather than a substitute for a VM when handling malware.
 
*[https://github.com/kpcyrd/boxxy-rs boxxy-rs] - is a linkable sandbox explorer. "If you implement boundaries and nobody is around to push them, do they even exist?" Have you ever wondered what your sandbox looks like from the inside? Tempted to test whether you can escape it, if only you had a shell to give it a try? boxxy gives you that shell, linked into the sandboxed process itself.
 
*[https://www.virtualbox.org/ Oracle VM VirtualBox] - is a powerful x86 and AMD64/Intel64 virtualization product (a type-2, hosted hypervisor) for enterprise as well as home use. It is feature rich and high performance, and it is freely available as open source software under the terms of the GNU General Public License (GPL) version 3.
 
*[https://www.vmware.com/ VMware] - is a virtualization and cloud computing software vendor based in Palo Alto, California. Its products include the ESXi bare-metal (type-1) hypervisor and the Workstation and Fusion desktop (type-2) hypervisors.
 
*[https://www.qemu.org/ QEMU] - A generic and open source machine emulator and virtualizer. It can emulate a full system purely in software (useful for running or analysing code built for another architecture) or use KVM for hardware-accelerated virtualization of the host architecture.
 
*[https://linux-kvm.org/page/Main_Page KVM (Kernel-based Virtual Machine)] - is a full virtualization solution for Linux on x86 hardware with virtualization extensions (Intel VT or AMD-V). It consists of a loadable kernel module, kvm.ko, that provides the core virtualization infrastructure and a processor-specific module, kvm-intel.ko or kvm-amd.ko. KVM itself has no device model: a userspace VMM such as QEMU or Firecracker drives it through ioctls on /dev/kvm, supplies the guest's memory and handles every VM exit.
 
*[https://www.proxmox.com/en/proxmox-virtual-environment/overview Proxmox] - is a complete, open-source server management platform for enterprise virtualization. It tightly integrates the KVM hypervisor and Linux Containers (LXC), software-defined storage and networking functionality, on a single platform.
----
*[https://github.com/rizinorg/cutter Cutter] - is a free and open-source reverse engineering platform powered by rizin. It aims at being an advanced and customizable reverse engineering platform while keeping the user experience in mind. Cutter is created by reverse engineers for reverse engineers.
 
*[https://github.com/joelpx/plasma Plasma] - is an interactive disassembler for x86/ARM/MIPS. It can generate indented pseudo-code with colored syntax.
 
*[https://github.com/eteran/edb-debugger edb] - is a cross platform AArch32/x86/x86-64 debugger. It was inspired by Ollydbg, but aims to function on AArch32, x86, and x86-64 as well as multiple OS's.
 
*[https://github.com/wisk/medusa Medusa] - is a disassembler designed to be both modular and interactive. It runs on Windows and Linux and should also work on macOS.
 
*[https://github.com/mandiant/rvmi rVMI] - is a debugger on steroids. It leverages Virtual Machine Introspection (VMI) and memory forensics to provide full system analysis. This means that an analyst can inspect userspace processes, kernel drivers, and pre-boot environments in a single tool.
 
*[https://www.sourceware.org/gdb/ GDB] - the GNU Project debugger, allows you to see what is going on "inside" another program while it executes, or what another program was doing at the moment it crashed.
 
::GDB Plugins/Integrations/Templates
:::*[https://github.com/pwndbg/pwndbg pwndbg] - is a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers.
 
*[https://github.com/capstone-engine/capstone Capstone] - is a disassembly/disassembler framework for ARM, ARM64 (ARMv8), BPF, Ethereum VM, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.
====Debugging and profiling (dynamic analysis, Linux)====
::*[https://github.com/ViRb3/de4dot-cex de4dot CEx] - is a deobfuscator based on de4dot with full support for vanilla ConfuserEx.
::*[https://github.com/de4dot/de4dot de4dot] - is a .NET deobfuscator and unpacker.
::*[https://github.com/NotPrab/.NET-Deobfuscator List of .NET deobfuscators and unpackers (open source)] - A curated list of open source deobfuscators and more.
======.NET memory dumpers======
*[https://github.com/rocky/python-uncompyle6 uncompyle6] - is a native Python cross-version decompiler and fragment decompiler. The successor to decompyle, uncompyle, and uncompyle2.
 
*[https://github.com/zrax/pycdc pycdc] - is a C++ python bytecode disassembler and decompiler.
*[https://github.com/Cisco-Talos/pyrebox PyREBox] - is a Python scriptable Reverse Engineering sandbox by Cisco-Talos. It is based on QEMU, and its goal is to aid reverse engineering by providing dynamic analysis and debugging capabilities from a different perspective.
*[https://github.com/snare/voltron Voltron] - is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB and WinDbg) by enabling the attachment of utility views that can retrieve and display data from the debugger host.