Changes

Teamspeak voip chat application added.
*[https://www.gnuradio.org/ GNU Radio] - toolkit that provides signal processing blocks to implement software-defined radios and signal processing systems.
 
*[https://github.com/cjcliffe/CubicSDR CubicSDR] - is a cross-platform Software-Defined Radio application which allows you to navigate the radio spectrum and demodulate any signals you might discover.
*[https://github.com/audacity/audacity Audacity] - is an audio editor that can be used to clean up the radio waves captured by a [[Wikipedia:Software-defined_radio|SDR]] or Software Defined Radio. (Example: Start Audacity -> Import -> Raw Data -> Radio Wave File)
 
====RF Signals Analysis Operating System====
 
*[https://cemaxecuter.com/ DragonOS] - Out of the box OS for SDRs. Supports Raspberry Pi and x86-64.
 
*The list [[#Operating_System_for_Penetration_Testing_.26_Digital_Forensics|Operating System for Penetration Testing & Digital Forensics]] will also be sufficient for the SDR playfield.
----
*[https://github.com/attify/firmware-analysis-toolkit FAT] - is a toolkit built in order to help security researchers analyze and identify vulnerabilities in IoT and embedded device firmware.
 
*[https://github.com/e-m-b-a/emba EMBA] - is designed as the central firmware analysis tool for penetration testers and product security teams. It supports the complete security analysis process starting with firmware extraction, doing static analysis and dynamic analysis via emulation and finally generating a web report.
*[https://github.com/rampageX/firmware-mod-kit Firmware Modification Kit] - is a collection of scripts and utilities to extract and rebuild linux based firmware images.
*[https://web.archive.org/web/20210331144912/https://protectionid.net/ ProtectionID] - Great little tool to scan a Windows binary payload for overlays and packers. [[File:ProtectionId.690.December.2017.zip|thumb|PiD.690.zip]] [https://www.virustotal.com/gui/file/26c54eb376183d508ee129531728f9e01d30f0df29d7621f390e8f0ea6a1c79c/community VT link], pw: recessim.com
 
*[https://github.com/horsicq/Detect-It-Easy Detect-It-Easy] - abbreviated "DIE" is a program for determining types of files. "DIE" is a cross-platform application, apart from Windows version there are also available versions for Linux and Mac OS.
 
*[https://www.mitec.cz/exe.html MiTeC Portable Executable Reader/Explorer] - is a tool that reads and displays executable file properties and structures. It is compatible with PE32 (Portable Executable), PE32+ (64bit), NE (Windows 3.x New Executable) and VxD (Windows 9x Virtual Device Driver) file types. .NET executables are supported too.
 
*[https://github.com/ExeinfoASL/ASL ExeInfoPe] - is a tool that can detect packers, compilers, protectors, .NET obfuscators, PUA applications.
*[https://github.com/hasherezade/pe-bear PE-bear] - is a Portable Executable reversing tool with a friendly GUI using the Capstone Engine and is Open Source!
====Hex Editors====
*[https://github.com/WerWolv/ImHex ImHex] - is a Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
*[https://mh-nexus.de/en/hxd/ HxD] - is a carefully designed and fast hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size.
*[https://malcat.fr/index.html MalCat] - is a feature-rich hexadecimal editor / disassembler for Windows and Linux targeted to IT-security professionals. Inspect more than 40 binary file formats, disassemble and decompile different CPU architectures, extract embedded files and scan for Yara signatures or anomalies in a fast and easy-to-use graphical interface.
====Pattern Matching/ Pattern Searching====
*[https://github.com/VirusTotal/yara Yara] - is a pattern matching swiss knife in the IT Security Researchers branch.
 
*[https://github.com/BurntSushi/ripgrep ripgrep (rg)] - is a line-oriented search tool that recursively searches the current directory for a regex pattern. By default, ripgrep will respect gitignore rules and automatically skip hidden files/directories and binary files.
 
*[https://linux.die.net/man/1/grep grep] - searches the named input FILEs (or standard input if no files are named, or if a single hyphen-minus (-) is given as file name) for lines containing a match to the given PATTERN. By default, grep prints the matching lines.
 
*[https://github.com/stefankueng/grepWin grepWin] - is a simple yet powerful search and replace tool which can use regular expressions to do its job. This allows much more powerful searches and replaces.
 
*[https://astrogrep.sourceforge.net/ AstroGrep] - is a Microsoft Windows grep utility. Grep is a UNIX command-line program which searches within files for keywords. AstroGrep supports regular expressions, versatile printing options, stores most recently used paths and has a "context" feature which is very nice for looking at source code.
====IAT Reconstructors (Windows)====
*[https://github.com/x64dbg/Scylla NtQuery Scylla] - is an Open Source Windows Portable Executable imports reconstructor and part of x64dbg.
 
====Process Dumpers (Windows)====
 
*[https://github.com/glmcdona/Process-Dump Process Dump (pd)] - is a Windows reverse-engineering tool to dump malware memory components back to disk for analysis. It uses an aggressive import reconstruction approach to make analysis easier, and supports 32 and 64 bit modules. Dumping of regions without PE headers is supported and in these cases PE headers and import tables will automatically be generated.
 
*[https://github.com/EquiFox/KsDumper KsDumper] - is a tool for dumping processes using the power of kernel space.
====API monitoring ring3 (Windows)====
*[https://github.com/hasherezade/tiny_tracer tiny_tracer] - is a Pin Tool for tracing API calls including parameters of selected functions, selected instructions RDTSC, CPUID, INT, inline system calls inc parameters of selected syscalls and more.
 
====Virtualization technology (host isolation) or sandboxes====
 
*[https://github.com/firecracker-microvm/firecracker Firecracker] - is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services that provide serverless operational models.
 
*[https://www.redhat.com/en/technologies/cloud-computing/openshift/virtualization Red Hat OpenShift Virtualization] - Red Hat® OpenShift® Virtualization, a feature of Red Hat OpenShift, allows IT teams to run virtual machines alongside containers on the same platform, simplifying management and improving time to production.
 
*[https://xenproject.org/ Xen Project] - The Xen Project focuses on revolutionizing virtualization by providing a versatile and powerful hypervisor that addresses the evolving needs of diverse industries.
 
*[https://github.com/sandboxie-plus/Sandboxie Sandboxie] - is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. It creates a sandbox-like isolated operating environment in which applications can be run or installed without permanently modifying local & mapped drives or the Windows registry.
 
*[https://github.com/kpcyrd/boxxy-rs boxxy-rs] - is a linkable sandbox explorer. "If you implement boundaries and nobody is around to push them, do they even exist?". Have you ever wondered how your sandbox looks like from the inside? Tempted to test if you can escape it, if only you had a shell to give it a try?
 
*[https://www.virtualbox.org/ Oracle VM VirtualBox] - is a powerful x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. Not only is VirtualBox an extremely feature rich, high performance product for enterprise customers, it is also the only professional solution that is freely available as Open Source Software under the terms of the GNU General Public License (GPL) version 3.
 
*[https://www.vmware.com/ VMware] - is a virtualization and cloud computing software provider based in Palo Alto, Calif.
 
*[https://www.qemu.org/ QEMU] - A generic and open source machine emulator and virtualizer.
 
*[https://linux-kvm.org/page/Main_Page KVM (for Kernel-based Virtual Machine)] - is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD-V). It consists of a loadable kernel module, kvm.ko, that provides the core virtualization infrastructure and a processor specific module, kvm-intel.ko or kvm-amd.ko.
 
*[https://www.proxmox.com/en/proxmox-virtual-environment/overview Proxmox] - is a complete, open-source server management platform for enterprise virtualization. It tightly integrates the KVM hypervisor and Linux Containers (LXC), software-defined storage and networking functionality, on a single platform.
----
*[https://github.com/rizinorg/cutter Cutter] - is a free and open-source reverse engineering platform powered by rizin. It aims at being an advanced and customizable reverse engineering platform while keeping the user experience in mind. Cutter is created by reverse engineers for reverse engineers.
 
*[https://github.com/joelpx/plasma Plasma] - Plasma is an interactive disassembler for x86/ARM/MIPS. It can generate indented pseudo-code with colored syntax.
 
*[https://github.com/eteran/edb-debugger edb] - is a cross platform AArch32/x86/x86-64 debugger. It was inspired by Ollydbg, but aims to function on AArch32, x86, and x86-64 as well as multiple OS's.
 
*[https://github.com/wisk/medusa Medusa] - is a disassembler designed to be both modular and interactive. It runs on Windows and Linux, it should be the same on OSX.
 
*[https://github.com/mandiant/rvmi rVMI] - is a debugger on steroids. It leverages Virtual Machine Introspection (VMI) and memory forensics to provide full system analysis. This means that an analyst can inspect userspace processes, kernel drivers, and pre-boot environments in a single tool.
 
*[https://www.sourceware.org/gdb/ GDB] - the GNU Project debugger, allows you to see what is going on `inside' another program while it executes, or what another program was doing at the moment it crashed.
 
::GDB Plugins/Integrations/Templates
:::*[https://github.com/pwndbg/pwndbg pwndbg] - is a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers.
 
*[https://github.com/capstone-engine/capstone Capstone] - is a disassembly/disassembler framework for ARM, ARM64 (ARMv8), BPF, Ethereum VM, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.
====Debugging and Profiling dynamic analysis (Linux)====
====Debugger / disassembler for managed binaries====
=====.NET(CLR)=====
*[https://github.com/dnSpyEx/dnSpy dnSpyEx (newly maintained repo & '''added features''')] - is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available.
*[https://github.com/dnSpy/dnSpy dnSpy (archived repo)] - is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available.
*[https://github.com/icedland/iced Iced] - Blazing fast and correct x86/x64 disassembler, assembler, decoder, encoder for Rust, .NET, Java, Python, Lua.
 
*[https://github.com/icsharpcode/ILSpy ILSpy] - .NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
 
*[https://www.telerik.com/products/decompiler.aspx Telerik JustDecompile] - is a free .NET decompiler and assembly browser that makes high-quality .NET decompilation easy, with an open source decompilation engine.
======.NET deobfuscators======
::*[https://github.com/ViRb3/de4dot-cex de4dot CEx] - is a deobfuscator based on de4dot with full support for vanilla ConfuserEx.
::*[https://github.com/de4dot/de4dot de4dot] - is a .NET deobfuscator and unpacker.
::*[https://github.com/NotPrab/.NET-Deobfuscator Lists of .NET deobfuscators and unpackers (Open Source)] - A curated list of open source deobfuscators and more.
======.NET memory dumpers======
::*[https://github.com/wwh1004/ExtremeDumper ExtremeDumper] - is a .NET Assembly Dumper (source code available).
::*[https://github.com/fremag/MemoScope.Net MemoScope.Net] - is a tool to analyze .Net process memory: it can dump an application's memory in a file and read it later. The dump file contains all data (objects) and threads (state, stack, call stack).
::*[https://github.com/0x410c/ClrDumper ClrDumper] - is a tool that can dump .NET assemblies and scripts from native clr loaders, managed assembly and vbs, jscript or powershell scripts.
======.NET tracers======
::*[http://www.reteam.org/board/showthread.php?t=939 dotNET Tracer 2.0 by Kurapika] - is a simple tool that has a similar functionality to RegMon or FileMon but it's designed to trace events in .NET assemblies in runtime. [[File:KDT2.0.zip|thumb]] [https://www.virustotal.com/gui/file/d29afcc5115c28f9892f7a6d249423374ad77ac86f69b316665c347982975d02 VT1] [https://www.virustotal.com/gui/file/04cd51dbbc3d2b4fe4a721e4ad0c2f3012fe0f409dc902b430207ea25561ff8c VT2] (Themida packed), pw: recessim.com
::*[https://github.com/smourier/TraceSpy TraceSpy] - is an open source and free alternative to the very popular SysInternals DebugView tool.
=====JAVA (JVM)=====
*[https://github.com/Col-E/Recaf Recaf] - Recaf is an open-source Java bytecode editor that simplifies the process of editing compiled Java applications.
 
*[https://www.pnfsoftware.com/ JEB decompiler] - Decompile and debug Android dalvik, Intel x86, ARM, MIPS, RISC-V, S7 PLC, Java, WebAssembly & Ethereum Decompilers.
======JAVA (ART/APK)======
::*[https://github.com/skylot/jadx Jadx] - Dex to Java decompiler. Command-line and GUI tools for producing Java source code from Android Dex and apk files.
::*[https://github.com/honeynet/apkinspector/ APKinspector] - is a powerful GUI tool for analysts to analyze the Android applications.
::*[https://apktool.org/ Apktool] - A tool for reverse engineering Android apk files.
::*[https://github.com/Konloch/bytecode-viewer Bytecode viewer] - is a Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
::*[https://github.com/niranjan94/show-java ShowJava] - is an APK (android application), JAR & Dex decompiler for android.
::*[https://github.com/tp7309/TTDeDroid TTDeDroid] - is a tool for quickly decompiling apk/aar/dex/jar.
::*[https://github.com/JesusFreke/smali smali/baksmali] - is an assembler/disassembler for the dex format used by dalvik, Android's Java VM implementation. The syntax is loosely based on Jasmin's/dedexer's syntax.
======JAVA deobfuscators (mixed platforms)======
::*[https://github.com/java-deobfuscator/deobfuscator deobfuscator] - is a project that aims to deobfuscate most commercially-available obfuscators for Java. [https://github.com/java-deobfuscator/deobfuscator-gui GUI version github]
::*[https://github.com/GraxCode/threadtear Threadtear] - is a multifunctional deobfuscation tool for java, ZKM and Stringer support, Android support is in development.
::*[https://github.com/narumii/Deobfuscator Another Deobfuscator] - Some deobfuscator for java. Supports superblaubeere27 / JObf / sb27, Paramorphism 2.1.2_9, Caesium, Monsey, Skid/qProtect, Scuti, CheatBreaker, Bozar, ...
*[https://github.com/rocky/python-uncompyle6 uncompyle6] - is a native Python cross-version decompiler and fragment decompiler. The successor to decompyle, uncompyle, and uncompyle2.
 
*[https://github.com/zrax/pycdc pycdc] - is a C++ python bytecode disassembler and decompiler.
*[https://github.com/Cisco-Talos/pyrebox PyREBox] - is a Python scriptable Reverse Engineering sandbox by Cisco-Talos. It is based on QEMU, and its goal is to aid reverse engineering by providing dynamic analysis and debugging capabilities from a different perspective.
*[https://github.com/snare/voltron Voltron] - is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB and WinDbg) by enabling the attachment of utility views that can retrieve and display data from the debugger host.
*[https://github.com/mingyuan-xia/AppAudit AppAudit] - is an efficient program analysis tool that detects data leaks in mobile applications. It can accurately find all leaks within seconds and ~200 MB memory.
 
*[https://github.com/canyie/pine Pine] - is a dynamic java method hook framework on ART runtime, which can intercept almost all java method calls in the current process.
 
*[https://github.com/LSPosed/LSPlant LSPlant] - is an Android ART hook library, providing Java method hook/unhook and inline deoptimization.
*[https://github.com/LSPosed/LSPosed LSPosed] - is a Riru / Zygisk module trying to provide an ART hooking framework which delivers consistent APIs with the OG Xposed, leveraging LSPlant hooking framework.
:Download all* tools in one archive, [https://github.com/direstraits96/BIOS-MOD-TOOLS/archive/refs/heads/main.zip click here]. [https://www.virustotal.com/gui/file/d8a75883ca8d292adcf40e5ed88584579b1c0c69f6ad5837fc56747233c56f9c VT link]
 
:Bios password resetting
::*[https://archive.org/details/hp-bios-reset-mazzif HP BIOS Password Reset by MAZZIF] - A live USB tool made by Mazzif to reset older HP BIOS passwords. [https://www.virustotal.com/gui/file/9ddd094edc286f2cb8d63158d226986d9a0c184ca450580dfaf9754005df9d41 VT link]
----
*[https://openboardview.org/ OpenBoardView] - is an Open Source Linux SDL/ImGui edition software for viewing .brd files, intended as a drop-in replacement for the "Test_Link" software and "Landrex".
*[https://www.cadence.com/ko_KR/home/tools/allegro-downloads-start.html Allegro®/OrCAD® FREE Physical Viewer] - is a free download that allows you to view and plot databases from Allegro PCB Editor, OrCAD PCB Editor, Allegro Package Designer, and Allegro PCB SI technology.
*[http://boardviewer.net/ BoardViewer] - BoardViewer is software intended for viewing various boardview file types like .tvw files and many more supported formats.
*CADview - simple old tool for viewing CAD files of PCB's (Windows). [[File:CAD View.zip|thumb]] [https://www.virustotal.com/gui/file/9a64621ff34d8d674ba6580538908f4ea170fee9cc1cb700485bd41e3a3a42df VT link]
*[https://www.torproject.org/ Tor Browser] - [[Wikipedia:Tor_(network)|Tor]] (The Onion Router) is a network that anonymizes web traffic to provide truly private web browsing. The Tor Browser hides your IP address and browsing activity by redirecting web traffic through a series of different routers known as nodes.
 
*[https://guardianproject.info/apps/org.torproject.android/ Orbot for Android] - is a free proxy app that empowers other apps to use the internet more securely. Orbot uses Tor to encrypt your Internet traffic and then hides it by bouncing through a series of computers around the world. Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities.
 
====Public Networks====
 
*[https://www.torproject.org/ [[Wikipedia:Tor_(network)|Tor]]] - is an open-source privacy network that enables anonymous web browsing. The worldwide Tor computer network uses secure, encrypted protocols to ensure that users' online privacy is protected.
 
*[https://geti2p.net/ The Invisible Internet Project [[Wikipedia:I2P|(I2P)]]] - is a fully encrypted private network layer. It protects your activity and location. Every day people use the network to connect with people without worry of being tracked or their data being collected.
 
*[https://www.freenet.de/ FreeNet] - is a peer-to-peer platform for censorship-resistant, anonymous communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web without fear of censorship.
 
*[https://zeronet.io/ ZeroNet] - Open, free and uncensorable websites, using Bitcoin cryptography and BitTorrent network · We believe in open, free, and uncensored network.
 
*[https://lokinet.org/ Lokinet] - is an onion-router that lets you access the internet anonymously. Built on LLARP, the fastest onion-routing protocol in the world.
 
*[https://nymtech.net/ Nym] - protect internet traffic by routing it through a decentralised mixnet that can be accessed anonymously using zk-nyms.
====Email Clients / Email Encryption Standards====
====Chat Applications / Platforms====
*[https://www.teamspeak.com/ TeamSpeak] - is a VoIP application for audio communication between users via a chat channel, similar to a video meeting. Cross-platform with military-grade security, lag-free performance, privacy and complete control.
*[https://www.jabber.org/ Jabber] - is the original messaging service based on [https://xmpp.org/ XMPP] and has been continuously offered for free since 1999.
::XMPP clients
:::*[https://xmpp.org/software/ XMPP client list] - is a list of XMPP clients composed by XMPP itself.
:::*[https://otr.cypherpunks.ca/ Off-the-Record Messaging (OTR) for XMPP] - is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of AES symmetric-key algorithm with 128 bits key length, the Diffie–Hellman key exchange with 1536 bits group size, and the SHA-1 hash function.
*[https://getsession.org/ Session] - Session is an end-to-end encrypted messenger that minimises sensitive metadata, designed and built for people who want absolute privacy and freedom from any form of surveillance.
*[https://github.com/briar Briar] - is a messaging app designed for activists, journalists, and anyone else who needs a safe, easy and robust way to communicate. Unlike traditional messaging apps, Briar doesn't rely on a central server - messages are synchronized directly between the users' devices.
*[https://matrix.org/ Matrix] - is an open network for secure, decentralised communication.
:::*1. Stop using the installed electron PC based version. Use the web version.
:::*2. Android stock client is spoiled with rubbish code slowing down your SoC and sending loads of analytics, use [https://github.com/Aliucord/Aliucord Aliucord] instead (but carefully read the readme.md, ToS issue).
 
====Disk Encryption Software====
 
*[https://guardianproject.info/archive/luks/ Linux Unified Key Setup (LUKS)] - The Linux Unified Key Setup (LUKS) is a disk encryption specification created by Clemens Fruhwirth in 2004 and originally intended for Linux. LUKS implements a platform-independent standard on-disk format for use in various tools.
 
*[https://www.veracrypt.fr/code/VeraCrypt/ VeraCrypt] - VeraCrypt is free open-source disk encryption software for Windows, Mac OS X and Linux. Support for on-the-fly encryption [[Wikipedia:Disk_encryption|(OTFE)]].
====Image Manipulation Tools====
*[https://obsproject.com/ OBS (Open Broadcaster Software)] - is free and Open Source software for video recording and live streaming.
*[https://streamlabs.com/ StreamLabs] - is free live streaming and recording software for Twitch, YouTube, Facebook and more for Windows or Mac.
====Social Network (self-hosted & open-source)====
[[File:Reverse Engineering Malware IDA & Olly Basics 5 parts by otw v1.pdf|thumb]] - A Reverse Engineering Malware introduction and bare basics IDA & Olly x86 (5 parts) by otw.
 
[https://unit42.paloaltonetworks.com/using-idapython-to-make-your-life-easier-part-1/ Using IDAPython to Make Your Life Easier: Part 1] - As a malware reverse engineer, I often find myself using IDA Pro in my day-to-day activities. It should come as no surprise, seeing as IDA Pro is the industry standard (although alternatives such as radare2 and Hopper are gaining traction). One of the more powerful features of IDA that I implore all reverse engineers to make use of is the Python addition, aptly named ‘IDAPython’, which exposes a large number of IDA API calls.
 
:[https://unit42.paloaltonetworks.com/using-idapython-to-make-your-life-easier-part-2/ Using IDAPython to Make Your Life Easier: Part 2]
 
:[https://unit42.paloaltonetworks.com/using-idapython-to-make-your-life-easier-part-3/ Using IDAPython to Make Your Life Easier: Part 3]
 
:[https://unit42.paloaltonetworks.com/using-idapython-to-make-your-life-easier-part-4/ Using IDAPython to Make Your Life Easier: Part 4]
 
:[https://unit42.paloaltonetworks.com/using-idapython-to-make-your-life-easier-part-5/ Using IDAPython to Make Your Life Easier: Part 5]
[https://github.com/Dump-GUY/Malware-analysis-and-Reverse-engineering Some publicly available Malware analysis and Reverse engineering] - is a curated list of awesome materials from the user Dump-GUY a former Forensic, Malware Analyst, Reverse Engineer. [https://www.youtube.com/c/DuMpGuYTrIcKsTeR Youtube channel].
 
[https://tryhackme.com/room/basicmalwarere BasicMalwareRE] - this room aims towards helping everyone learn about the basics of "Malware Reverse Engineering".
 
[https://class.malware.re/stuff/nardella/basic-reverse-engineering-immunity-debugger-36982.pdf Basic Reverse Engineering with Immunity Debugger] - SANS Institute Information Security Reading Room. Basic Reverse Engineering x86 with Immunity Debugger.
[https://gist.github.com/IdanBanani/5be0442ad390f89259b494098f450bfd Reversing / Malware Analysis / Assembly -resources] - is a large list of reversing materials and courses.