All programmers/hackers must have the following tools:
1.Rohitabs API Monitor
1.Rohitabs API Monitor is a free software that lets you monitor and control API calls made by applications and services. Its a powerful tool for seeing how applications and services work or for tracking down problems that you have in your own applications.
2. Process hacker
Process hacker is great tool to have.I don't usually relly on antiviruses for my pc I just Kill them Virus as system user which increases Pc performance due to loss of antivirus load.
Behold AnalogX PCalc
If you're a programmer, you've probably downloaded a so-called 'programmer's calculator' at least once in your life, only to be sorely disappointed. I'm sorry, but displaying the results in hex and/or binary doesn't make a calculator a 'programmer's calculator', nor does making 42 a constant in it either! Someone should do something about this, and someone has...
Programmers around the world, your prayers have been answered , The programmers calculator. Forget putting up lame buttons with numbers on them; that's fine in the real world, but hardly useful in a GUI, let's instead focus on functionality, and that's just what I did.
AnalogX PCalc allows you to enter any equation in the EXACT same format as C/C++, and it will process it with the same precedence, giving you the results in a variety of formats! PCalc also supports the use of user-defined variables, and also has most of the common constants used already defined.
PCalc works on versions of Windows, from Window 95 to Windows 7 and everything inbetween (including XP, Vista, Win2k, etc).
x86 Disassemblers
Here we are going to list some commonly available disassembler tools. Notice that there are professional disassemblers (which cost money for a license) and there are freeware/shareware disassemblers. Each disassembler will have different features, so it is up to you as the reader to determine which tools you prefer to use. Commercial Windows Disassemblers
IDA Pro
Hopper Disassembler
OBJ2ASM
is an object file disassembler for 16 and 32 bit x86 object files in Intel OMF, Microsoft COFF format, Linux ELF or Mac OS X Mach-O format.
PE Explorer
is a disassembler that "focuses on ease of use, clarity and navigation." It isn't as feature-filled as IDA Pro, but carries a smaller price tag to offset the missing functionality: $130
PE Explorer
W32DASM
W32DASM was an excellent 16/32 bit disassembler for Windows, it seems it is no longer developed. the latest version available is from 2003. the website went down and no replacement went up.
Commercial Freeware/Shareware Windows Disassemblers
OllyDbg
OllyDbg is one of the most popular disassemblers recently. It has a large community and a wide variety of plugins available. It emphasizes binary code analysis. Supports x86 instructions only (no x86_64 support).
Free Windows Disassemblers
Objconv
A command line disassembler supporting 16, 32, and 64 bit x86 code. Latest instruction set (SSE4, AVX, XOP, FMA, etc.), several object file formats, several assembly syntax dialects. Windows, Linux, BSD, Mac. Intelligent analysis.
IDA 3.7
A DOS GUI tool that behaves very much like IDA Pro, but is considerably more limited. It can disassemble code for the Z80, 6502, Intel 8051, Intel i860, and PDP-11 processors, as well as x86 instructions up to the 486.
IDA Pro Freeware
Behaves almost exactly like IDA Pro, but disassembles only Intel x86 opcodes and is Windows-only. It can disassemble instructions for those processors available as of 2003. Free for non-commercial use.
(version 4.1) http://www.themel.com/idafree.zip
(version 4.3) http://www.datarescue.be/idafreeware/freeida43.exe
(version 5.0) http://www.hex-rays.com/idapro/idadownfreeware.htm
BORG Disassembler
BORG is an excellent Win32 Disassembler with GUI.
HT Editor
An analyzing disassembler for Intel x86 instructions. The latest version runs as a console GUI program on Windows, but there are versions compiled for Linux as well.
http://hte.sourceforge.net/
Storm64
diStorm is an open source highly optimized stream disassembler library for 80x86 and AMD64.
crudasm
crudasm is an open source disassembler with a variety of options. It is a work in progress and is bundled with a partial decompiler.
BeaEngine
BeaEngine is a complete disassembler library for IA-32 and intel64 architectures (coded in C and usable in various languages : C, Python, Delphi, PureBasic, WinDev, masm, fasm, nasm, GoAsm).
Visual DuxDebugger
is a 64-bit debugger disassembler for Windows.
BugDbg
is a 64-bit user-land debugger designed to debug native 64-bit applications on Windows.
DSMHELP
Disassemble Help Library is a disassembler library with single line Epimorphic assembler. Supported instruction sets - Basic,System,SSE,SSE2,SSE3,SSSE3,SSE4,SSE4A,MMX,FPU,3DNOW,VMX,SVM,AVX,AVX2,BMI1,BMI2,F16C,FMA3,FMA4,XOP.
http://dsmhelp.narod.ru/ (in Russian)
Unix Disassemblers
Bastard Disassembler
The Bastard disassembler is a powerful, scriptable disassembler for Linux and FreeBSD.
http://bastard.sourceforge.net/
udis86
Disassembler Library for x86 and x86-64
http://udis86.sourceforge.net/
Objconv
See above.
ciasdis
The official name of ciasdis is computer_intelligence_assembler_disassembler. This Forth-based tool allows to incrementally and interactively build knowledge about a code body. It is unique that all disassembled code can be re-assembled to the exact same code. Processors are 8080, 6809, 8086, 80386, Pentium I en DEC Alpha. A scripting facility aids in analyzing Elf and MSDOS headers and makes this tool extendable. The Pentium I ciasdis is available as a binary image, others are in source form, loadable onto lina Forth, available from the same site.
http://home.hccnet.nl/a.w.m.van.der.horst/ciasdis.html
objdump
comes standard, and is typically used for general inspection of binaries. Pay attention to the relocation option and the dynamic symbol table option.
gdb
comes standard, as a debugger, but is very often used for disassembly. If you have loose hex dump data that you wish to disassemble, simply enter it (interactively) over top of something else or compile it into a program as a string like so: char foo[] = {0x90, 0xcd, 0x80, 0x90, 0xcc, 0xf1, 0x90};
lida linux interactive disassembler
an interactive disassembler with some special functions like a crypto analyzer. Displays string data references, does code flow analysis, and does not rely on objdump. Utilizes the Bastard disassembly library for decoding single opcodes. The project was started in 2004 and remains dormant to this day.
http://lida.sourceforge.net
dissy
This program is a interactive disassembler that uses objdump.
http://code.google.com/p/dissy/
x86dis
This program can be used to display binary streams such as the boot sector or other unstructured binary files.
ldasm
LDasm (Linux Disassembler) is a Perl/Tk-based GUI for objdump/binutils that tries to imitate the 'look and feel' of W32Dasm. It searches for cross-references (e.g. strings), converts the code from GAS to a MASM-like style, traces programs and much more. Comes along with PTrace, a process-flow-logger.
http://www.feedface.com/projects/ldasm.html
Objconv
A command line disassembler supporting 16, 32, and 64 bit x86 code. Latest instruction set (SSE4, AVX, XOP, FMA, etc.), several object file formats, several assembly syntax dialects. Windows, Linux, BSD, Mac. Intelligent analysis.
IDA 3.7
A DOS GUI tool that behaves very much like IDA Pro, but is considerably more limited. It can disassemble code for the Z80, 6502, Intel 8051, Intel i860, and PDP-11 processors, as well as x86 instructions up to the 486.
IDA Pro Freeware
Behaves almost exactly like IDA Pro, but disassembles only Intel x86 opcodes and is Windows-only. It can disassemble instructions for those processors available as of 2003. Free for non-commercial use.
(version 4.1) http://www.themel.com/idafree.zip
(version 4.3) http://www.datarescue.be/idafreeware/freeida43.exe
(version 5.0) http://www.hex-rays.com/idapro/idadownfreeware.htm
BORG Disassembler
BORG is an excellent Win32 Disassembler with GUI.
HT Editor
An analyzing disassembler for Intel x86 instructions. The latest version runs as a console GUI program on Windows, but there are versions compiled for Linux as well.
http://hte.sourceforge.net/
Storm64
diStorm is an open source highly optimized stream disassembler library for 80x86 and AMD64.
crudasm
crudasm is an open source disassembler with a variety of options. It is a work in progress and is bundled with a partial decompiler.
BeaEngine
BeaEngine is a complete disassembler library for IA-32 and intel64 architectures (coded in C and usable in various languages : C, Python, Delphi, PureBasic, WinDev, masm, fasm, nasm, GoAsm).
Visual DuxDebugger
is a 64-bit debugger disassembler for Windows.
BugDbg
is a 64-bit user-land debugger designed to debug native 64-bit applications on Windows.
DSMHELP
Disassemble Help Library is a disassembler library with single line Epimorphic assembler. Supported instruction sets - Basic,System,SSE,SSE2,SSE3,SSSE3,SSE4,SSE4A,MMX,FPU,3DNOW,VMX,SVM,AVX,AVX2,BMI1,BMI2,F16C,FMA3,FMA4,XOP.
http://dsmhelp.narod.ru/ (in Russian)
Unix Disassemblers
Bastard Disassembler
The Bastard disassembler is a powerful, scriptable disassembler for Linux and FreeBSD.
http://bastard.sourceforge.net/
udis86
Disassembler Library for x86 and x86-64
http://udis86.sourceforge.net/
Objconv
See above.
ciasdis
The official name of ciasdis is computer_intelligence_assembler_disassembler. This Forth-based tool allows to incrementally and interactively build knowledge about a code body. It is unique that all disassembled code can be re-assembled to the exact same code. Processors are 8080, 6809, 8086, 80386, Pentium I en DEC Alpha. A scripting facility aids in analyzing Elf and MSDOS headers and makes this tool extendable. The Pentium I ciasdis is available as a binary image, others are in source form, loadable onto lina Forth, available from the same site.
http://home.hccnet.nl/a.w.m.van.der.horst/ciasdis.html
objdump
comes standard, and is typically used for general inspection of binaries. Pay attention to the relocation option and the dynamic symbol table option.
gdb
comes standard, as a debugger, but is very often used for disassembly. If you have loose hex dump data that you wish to disassemble, simply enter it (interactively) over top of something else or compile it into a program as a string like so: char foo[] = {0x90, 0xcd, 0x80, 0x90, 0xcc, 0xf1, 0x90};
lida linux interactive disassembler
an interactive disassembler with some special functions like a crypto analyzer. Displays string data references, does code flow analysis, and does not rely on objdump. Utilizes the Bastard disassembly library for decoding single opcodes. The project was started in 2004 and remains dormant to this day.
http://lida.sourceforge.net
dissy
This program is a interactive disassembler that uses objdump.
http://code.google.com/p/dissy/
x86dis
This program can be used to display binary streams such as the boot sector or other unstructured binary files.
ldasm
LDasm (Linux Disassembler) is a Perl/Tk-based GUI for objdump/binutils that tries to imitate the 'look and feel' of W32Dasm. It searches for cross-references (e.g. strings), converts the code from GAS to a MASM-like style, traces programs and much more. Comes along with PTrace, a process-flow-logger.
http://www.feedface.com/projects/ldasm.html
No comments:
Post a Comment