(OllyDbg Plugins:)
PhantOm Plugin 1.51
Author: Hellsp@wn + Archer
Plug-in for concealing OllyDbg (plugin with the driver). Helps against the following methods of detection:
// driver - extremehide.sys
[+] NtQueryInformationProcess.
[+] SetUnhandledExceptionFilter.
[+] OpenProcess.
[+] Invalid Handle.
[+] NtSetI [more...]
Date: 06 Jan : 16:55
Filesize: 47.09 kb
Total Downloads: 6275
(OllyScript - Editors:)
OllyScriptEditor 1.66c
Author: BriteDream
An editor for creating and editing scripts which can be used with the OllyScript plugin for OllyDbg.
Date: 04 Jan : 15:13
Filesize: 554.55 kb
Total Downloads: 299
(OllyDbg Engines / Modifications:)
OllyDbg 2.0 - Beta 1
Author: Oleh Yuschuk
OllyDbg is a 32-bit assembler level analysing debugger for Microsoft Windows. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg is a shareware, but you can download and use it for free. Specia [more...]
Date: 03 Jan : 07:42
Filesize: 764.2 kb
Total Downloads: 2848
(Anti-Debugging:)
Anti-Unpacker Tricks 2 - Part 1
Author: Peter Ferrie
Anti-unpacking tricks come in different forms, depending on what kind of unpacker they are intended to attack. Unpackers can be in the form of memory-dumpers, debuggers, or emulators:
• A memory-dumper dumps the process memory of the running pr [more...]
Date: 01 Jan : 16:32
Filesize: 55.88 kb
Total Downloads: 206
(Reverse Code Engineering:)
Reversing C++
Author: Paul Vincent Sabanal + Mark Vincent Yason
As reverse engineers, it is important that we are able to understand C++ concepts as they are represented in disassemblies and of course, have a big picture idea on what are the major pieces (classes) of the C++ target and how these pieces relate tog [more...]
Date: 01 Jan : 16:10
Filesize: 584.6 kb
Total Downloads: 174
(OllyScript - Scripts:)
Armadillo 3.xx - 6.xx HardwareID Patcher v1.0
Author: LCF-AT
Date: 27 Dec : 17:18
Filesize: 14.33 kb
Total Downloads: 174
(OllyDbg Engines / Modifications:)
OllyDbg - NoLoVeR
Author: Blow Smile
Plug-in to load, additional support for the mouse wheel window, Execryptor been detected. Rear number library functions.
Paste to copy BUG. Closed OD shortcuts ALT + Q, the environment variable settings can be automatically downloaded and loaded [more...]
Date: 27 Dec : 17:14
Filesize: 4.17 mb
Total Downloads: 421
(OllyDbg Engines / Modifications:)
OllyDbg - RAMOllyDBG
Author: phpbb3
OllyDbg modded for Execryptor & THEMIDA
Modified Execryptor
Modified THEMIDA
Add the possibility of deleting all points of stopping Remove all breakpoints
Auto path UDD & plugin
Reference search directly from the toolbar
Show offset [more...]
Date: 27 Dec : 17:12
Filesize: 1.65 mb
Total Downloads: 256
(OllyDbg Plugins:)
StrongOD 0.2.1.235
Author: Fengyue [CUG]
Make your OllyDbg Strong!
This plug-in provides three kinds of ways to initiate the process:
1, Normal - And the same manner as the original start, the STARTUPINFO inside unclean data
2, CreateAsUser - User with a mandate to initiate the proc [more...]
Date: 27 Dec : 17:12
Filesize: 116.73 kb
Total Downloads: 2010
(OllyScript - Scripts:)
Themida + WinLicense 1.1.0.0 - 2.0.5.0 Detect Exact Version
Author: Kissy
Date: 27 Dec : 17:09
Filesize: 1.16 kb
Total Downloads: 97
(OllyScript - Scripts:)
Themida + WinLicense 1.9.1.0 - 2.0.5.0 Detect Exact Version
Author: Playboysen
Date: 27 Dec : 17:07
Filesize: 1.09 kb
Total Downloads: 58
(Unpacking:)
Themida 1.9.1.0 - 2.0.5.0 (Finding Exact Version)
Author: What
Here is another tutorial that is not exactly an unpacking tutorial. It is a tutorial on how to find the exact version of Themida.
This method is known to work with Themida versions from 1.9.1.0 to 2.0.5.0.
Date: 27 Dec : 16:24
Filesize: 1.14 mb
Total Downloads: 603
(OllyDbg Plugins:)
ODBGScript 1.66.3
Author: SHaG & Epsylon3
ODbgScript is a plugin for OllyDbg, which is, in our opinion, the best application-mode debugger out there. One of the best features of this debugger is the plugin architecture which allows users to extend its functionality. ODbgScript is a plugin me [more...]
Date: 21 Dec : 06:48
Filesize: 374.46 kb
Total Downloads: 5106
(Programming / Coding:)
C++ Pointers
Author: [ Various Authors ]
A varied collection of tutorials and papers explaining and showing how to best use C++ pointers.
Date: 20 Dec : 07:35
Filesize: 3 mb
Total Downloads: 265
(Cryptography Tools:)
Msieve 1.39 + GUI 1.1
Author: Jason Papadopoulos + Anogrganix
Factoring is the study (half math, half engineering, half art form) of taking big numbers and expressing them as the product of smaller numbers. If I find out 15 = 3 * 5, I've performed an integer factorization on the number 15. As the number to [more...]
Date: 20 Dec : 07:35
Filesize: 494.47 kb
Total Downloads: 2847
(Debugging with IDA - The Interactive Disassembler:)
TiGa 09 - Alien Autopsy rev. 2008
Author: TiGa
Alien Autopsy rev. 2008 with IDA.
Date: 20 Dec : 07:32
Filesize: 2.39 mb
Total Downloads: 186
(Debugging with IDA - The Interactive Disassembler:)
TiGa 10 - Unpacking Deroko x64 UnPackMe
Author: TiGa
A tutorial showing a solution to Deroko's x64 unpackme using IDA.
Date: 20 Dec : 07:30
Filesize: 1.71 mb
Total Downloads: 144
(Debugging with IDA - The Interactive Disassembler:)
TiGa 11 - Solving Pnluck x64 CrackMe
Author: TiGa
A solution to Pnluck's x64 crackme using IDA.
Date: 20 Dec : 07:28
Filesize: 2.28 mb
Total Downloads: 143
(Unpacking:)
VMProtect 1.70.4 (Unpacking)
Author: Nooby
A Shockwave Flash movie tutorial showing a method of unpacking VMProtect 1.70.4.
Date: 20 Dec : 07:25
Filesize: 5.74 mb
Total Downloads: 419
(Immunity Manuals & Development Kits:)
PDK for Delphi 1.02
Author: BoB
This is an update to the Immunity Debugger (unofficial) Delphi PDK...
New in this version:
- All debugger exports are resolved dynamically. This means your plugin will not be forced to use debugger with certain name, which is useful for evading [more...]
Date: 20 Dec : 06:46
Filesize: 33.15 kb
Total Downloads: 355
(UnpackMe (PE32bit):)
Armadillo 6.2.4.624
Author: thisistest
Date: 20 Dec : 06:31
Filesize: 750.05 kb
Total Downloads: 158
(Unpacking:)
Armadillo 6.xx (Hardware Fingerprint)
Author: Playboysen
A Shockwave Flash movie tutorial showing a method of unpacking Armadillo 6.xx with Hardware Identification Lock feature enabled.
Date: 20 Dec : 06:27
Filesize: 8.63 mb
Total Downloads: 415
(UnpackMe (PE32bit):)
DotFix NiceProtect 3.6
Author: HSN.C3r
Date: 20 Dec : 06:25
Filesize: 276.16 kb
Total Downloads: 37
(UnpackMe (PE32bit):)
Enigma 1.55
Author: Sp1d3rZ
Date: 20 Dec : 06:24
Filesize: 385.46 kb
Total Downloads: 39
(UnpackMe (PE32bit):)
NoobyProtect SE Public 1.0.9.6
Author: [ Unknown Author ]
Date: 20 Dec : 06:23
Filesize: 1.8 mb
Total Downloads: 50
(UnpackMe (PE32bit):)
Sh4DoW
Author: Sh4DoW
Date: 20 Dec : 06:22
Filesize: 96.69 kb
Total Downloads: 47
(OllyScript - Scripts:)
Themida + WinLicense 1.9 - 2.0 IAT Repair
Author: Nooby
Date: 20 Dec : 06:20
Filesize: 2.9 kb
Total Downloads: 95
(UnpackMe (PE32bit):)
VMProtect 1.70.4
Author: HSN.C3r
Date: 20 Dec : 06:19
Filesize: 368.66 kb
Total Downloads: 51
(Miscellaneous Tools:)
HideSyser Plugin 1.94
Author: Alejandro Mundo
Syser is a wonderful tool but does not have a lot of plugins for it. I made one plugin (in a beta stage) that has 2 functions:
- Use the "gta" or "getaddr" command in the Syser control panel to get a kernel function memory address, ex.& [more...]
Date: 30 Nov : 03:15
Filesize: 3.89 kb
Total Downloads: 166
(Debuggers / Disassemblers:)
c32asm 0.8.8
Author: PLL621
A W32Dasm alternative disassembler in English and Chinese. Unfortunately this tool is no longer in development, 0.4.12 is the last known official version released. However various individuals have continued adding slight improvements and bug fixes to [more...]
Date: 25 Nov : 06:43
Filesize: 1.61 mb
Total Downloads: 3370
(OllyDbg Plugins:)
MagicHideOllyDbg 1.01
Author: EasyStudy
Here's a quick list of MagicHideOllyDbg's function:
- erases debug-heap padding
- erases BeingDebugged flag in the PEB
- erases NtGlobalFlag in the PEB
- adjusts heap flags to default values
- disables kernel32!OutputDebugStringA() f [more...]
Date: 25 Nov : 06:27
Filesize: 11.78 kb
Total Downloads: 460
(OllyScript - Scripts:)
ACProtect OEP Finder + IAT Repair v1.2
Author: zpunpack
Date: 23 Nov : 04:05
Filesize: 5.5 kb
Total Downloads: 180
(Immunity Plugins:)
Imm_Command Bar 3.10.109c
Author: Gigapede
I remodeled command line plugin to a bar type in the lowest position of a main window. I add some commands and a candidate command indication function. About a command, please refer to a help of command line plugin.
Date: 23 Nov : 04:04
Filesize: 32.27 kb
Total Downloads: 146
(OllyScript - Scripts:)
MFC Conditional Breakpoint
Author: Externalist + Playboysen
Date: 23 Nov : 04:01
Filesize: 2.06 kb
Total Downloads: 135
(OllyScript - Scripts:)
VMProtect 1.7 IAT Repair
Author: Nooby
Date: 23 Nov : 03:27
Filesize: 1.53 kb
Total Downloads: 173
(Anti-Debugging:)
Anti-Reverse Engineering Guide
Author: Josh Jackson + Nicolas Falliere
An individual reading this should have a solid understanding of ASM, how computers handle memory, the Win32 Debugging API, and at least some knowledge of Windows internals. This code most likely will not work on any *nix platform due to the fundament [more...]
Date: 21 Nov : 19:44
Filesize: 514.24 kb
Total Downloads: 745
(OllyScript - Scripts:)
ID Application Protector 1.2 Unpacker v1.01
Author: Playboysen
Date: 21 Nov : 19:42
Filesize: 886 b
Total Downloads: 86
(OllyScript - Scripts:)
MoleBox Package Extractor
Author: Shadow
Date: 21 Nov : 19:42
Filesize: 179.48 kb
Total Downloads: 228
(OllyScript - Scripts:)
Themida + WinLicense 1.x.x - 2.x.x CodeEncrypt Repair
Author: Quosego
Date: 21 Nov : 19:40
Filesize: 1.12 kb
Total Downloads: 306
(Unpacking:)
Themida 2.0.3 (Unpacking)
Author: HSN.C3r
A Shockwave Flash movie tutorial showing a method of unpacking Visual Basic targets protected with Themida (all versions up to and including 2.0.3).
Date: 21 Nov : 19:38
Filesize: 2.17 mb
Total Downloads: 1122