Debugging and Reverse Engineering

​Process Monitor– Advanced monitoring tool for Windows programs.
​Process Explorer –  Advanced task manager for Windows.
​Process Hacker – Tool that monitors system resources.
​RegShot – Registry compare utility that compares snapshots.
​LordPE – LordPE is an advanced application that facilitates tools for manipulating various parts of PE files. It features a PE editor, a breaking and entering function, PE rebuilder, unsplitter, and dumper server.
​upx – UPX homepage: the Ultimate Packer for eXecutables.
​Import Reconstructor (ImpRec) – This tool is designed to rebuild imports for protected/packed Win32 executables. It reconstructs a new Image Import Descriptor (IID), Import Array Table (IAT) and all ASCII module and function names.
​Wireshark – Wireshark is the world’s foremost and widely-used network protocol analyzer.
​AnalogX TextScan – It searches any binary file for a minimum and maximum string length, and then returns all occurrences in sorted order.
Deobfuscation
Memory
Last modified 2yr ago