Red Teaming and Malware Analysis
@sirpedrotavaresseguranca-informatica.pt0xSI_f33d
Search…
About
Red Teaming
Cheat Sheet
Active Directory 101
Fuzzing and Web
Initial Foothold
Privilege Escalation (Privesc)
Lateral Movement (Pivoting)
Persistence
Command and Control (C&C)
Data Exfiltration
CVE & Exploits / CTF
Tools
Resources
Malware Analysis
Unpacking
Basic tips
Malware instrumentation with frida
Tools
Debuggers / Disassemblers
Decompilers
Detection and Classification
Deobfuscation
Debugging and Reverse Engineering
Memory
File Analysis
Emulators
Network Traffic Analysis
Other
Online Tools
Resources
Mobile
Tools
Reverse iOS ipa
Reverse Android APKs
Basic tips
Resources
IoT / Reverse / Firmware
Basic tips
Reverse IoT devices
Tools
Resources
Powered By GitBook
Debuggers / Disassemblers
Ollydbg [v1.10 or v2.0.] – OllyDbg is a 32-bit assembler level analyzing debugger for Microsoft® Windows®.
Ollydbg Plugins: StrongOD (OllyDbg plugin) – This plug-in provides three kinds of ways to initiate the process. Ollydbg with 10 plugins – StrongOD v0.4.8.892; PhantOm Plugin v1.85; OllyStepNSearch v0.6.2; OllyDump v3.00.110; EasyController v1.0.5.0; Analyze This v0.1; Labless v1.1.2.85
​OllyDRX – A modified version of Ollydgb with useful plugins.
​Immunity Debugger – It’s a powerful new way to write exploits, analyze malware, and reverse engineer binary files.
​WINDBG – Microsoft Windows Debugger (WinDbg) is a powerful Windows-based debugger that is capable of both user-mode and kernel-mode debugging (my favourite tool).
​x64dbg – An open-source x64/x32 debugger for Windows. Please, see all the available plugins here.
MapoAnalyzer v1.3 - Code analysis, decompiling plugin for x64dbg_Maposafe_The Code Virtualization Protection Leader
​
​IDA PRO – IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger that offers so many features it is hard to describe them all.
IDA PRO Plugins: IDAGolangHelper – Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary.
​hashdb-ida: HashDB API hash lookup plugin for IDA Pro.
​ScyllaHide – ScyllaHide is an advanced open-source x64/x86 usermode Anti-Anti-Debug library. It can be used both in Ollydbg and X64dbg. Enjoy it.
​flare-ida – This repository contains a collection of IDA Pro scripts and plugins used by the FireEye Labs Advanced Reverse Engineering (FLARE) team.
​GHIDRA – A software reverse engineering (SRE) suite of tools developed by NSA’s Research Directorate in support of the Cybersecurity mission.
​Hopper – The macOS and Linux Disassembler.
​plasma – PLASMA is an interactive disassembler. It can generate a more readable assembly (pseudo code) with colored syntax.
Previous
Tools
Next
Decompilers
Last modified 3mo ago
Copy link