Debugging and Reverse Engineering

Process Monitor– Advanced monitoring tool for Windows programs.

Process Explorer – Advanced task manager for Windows.

Process Hacker – Tool that monitors system resources.

RegShot – Registry compare utility that compares snapshots.

LordPE – LordPE is an advanced application that facilitates tools for manipulating various parts of PE files. It features a PE editor, a breaking and entering function, PE rebuilder, unsplitter, and dumper server.

upx – UPX homepage: the Ultimate Packer for eXecutables.

Import Reconstructor (ImpRec) – This tool is designed to rebuild imports for protected/packed Win32 executables. It reconstructs a new Image Import Descriptor (IID), Import Array Table (IAT) and all ASCII module and function names.

Wireshark – Wireshark is the world’s foremost and widely-used network protocol analyzer.

AnalogX TextScan – It searches any binary file for a minimum and maximum string length, and then returns all occurrences in sorted order.