Showing results for tags 'ida' or ''.

  1. Since I love game hacking, I have been looking for IDA Pro for a long time, but the price is very high, so I wanted to share it. This crack does not belong to me. I first tested it on the virtual machine, then I used it on my main machine. It has been about 4 months and I have not experienced any problems, but you are still responsible. 😀 (Sorry for my bad eng) Thanks - kedi
  2. MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz | Language: German | Size: 2.64GB | Duration: 3h 45m
     A perfect introduction to the topic
     What you'll learn
       • you get to know all 32 and 64 bit registers
       • you get to know all register commands
       • which protection software is behind the exe
       • dealing with IDA, X92DBG, Cutter, Die, Ghidra, Procdot, PROCMON
       • dealing with Cheat Engine
     Requirements
       • PC
     Have you always wanted to get started with reverse engineering? Then this course is the right introductory course for reverse engineering. Here you will learn how to test your EXE for vulnerabilities, how to bypass anti-debuggers and how assembler code is structured. However, before you start hacking, you first need to find out what the program was written in and what obfuscator or protection software was used to protect the program. Then let's look at all the assembler commands and register entries in theory and in the practice. You will also get to know the registry and learn how to pentest program trial versions. Of course, Procdot and Procmon, Fakenet-ng, which record all activities, including which server the program accesses, how often it does it, should not be missing. which files it creates, which files it changes due to the response from the server, etc. We can then evaluate these later and find out where individual values are stored and who owns the server and what the website is called. Of course, Cheatengine, Ghidra and IDA pro also help us, so that our effort is significantly reduced. As you can see, this course is a perfect introduction to the topic of reverse engineering.
  3. efiXplorer – IDA plugin for UEFI firmware analysis and reverse engineering automation
     Supported versions of Hex-Rays products: every time we focus on the latest versions of IDA and Decompiler because we try to use the most recent features from new SDK releases. That means we tested only on recent versions of Hex-Rays products and do not guarantee stable work on previous generations.
     Why not IDApython: all code is developed in C++ because it’s a more stable and performant way to support a complex plugin and get the full power of the most recent SDK’s features.
     Supported Platforms: Win, Linux, and OSX (x86/x64).
  4. FindFunc is an IDA PRO plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string, or conform to various other constraints. This is not a competitor to tools like Diaphora or BinNavi, but it is ideal to find a known function in a new binary for cases where classical bindiffing fails.
     Filtering with Rules
     The main functionality of FindFunc is letting the user specify a set of “Rules” or constraints that a code function in IDA PRO has to satisfy. FF will then find and list all functions that satisfy ALL rules (so currently all Rules are in an AND-conjunction). Exception: Rules can be “inverted” to be negative matches. Such rules thus conform to “AND NOT”. FF will schedule the rules in a smart order to minimize processing time.
     Feature overview:
       • Currently, 6 Rules are available, see below
       • Code matching respects Addressing-Size-Prefix and Operand-Size-Prefix
       • Aware of function chunks
       • Smart scheduling of rules for performance
       • Saving/Loading rules from/to file in simple ascii format
       • Several independent Tabs for experimentation
       • Copying rules between Tabs via clipboard (same format as a file format)
       • Advanced copying of instruction bytes (all, opcodes only, all except immediate)
     Button “Search Functions” clears existing results and starts a fresh search, “Refine Results” considers only results of the previous search.
     Advanced Binary Copying
     A secondary feature of FF is the option to copy binary representation of instructions with the following options:
       • copy all -> copy all bytes to the clipboard
       • copy without immediate -> blank out (AA ?? BB) any immediate values in the instruction bytes
       • opcode only -> will blank out everything except the actual opcode(s) of the instruction (and prefixes)
     Changelog v1.4
       • new: clone tab option to clone rule + result list (right click on tab)
       • new: add advanced copy menu: mask all but opcode and immediate
       • guard against empty or invalid input when editing
       • middle-click copies the resp. cell in rules and result tables to clipboard
       • allow pasting immediates directly (0xABC or ABCh for hex, else dec)
       • immediate-rules are now serialized in hex representation
       • inverted rules now have red font-color
       • rename button ‘Search Functions’ to ‘Find Functions’ – branding! 😉
  5. IDA Pro
     The best-of-breed binary code analysis tool, an indispensable item in the toolbox of world-class software analysts, reverse engineers, malware analysts and cybersecurity professionals.
     A powerful disassembler and a versatile debugger
     IDA Pro as a disassembler is capable of creating maps of their execution to show the binary instructions that are actually executed by the processor in a symbolic representation (assembly language). Advanced techniques have been implemented into IDA Pro so that it can generate assembly language source code from machine-executable code and make this complex code more human-readable. The debugging feature augmented IDA with the dynamic analysis. It supports multiple debugging targets and can handle remote applications. Its cross-platform debugging capability enables instant debugging, easy connection to both local and remote processes and support for 64-bit systems and new connection possibilities.
     IDA 7.7.220218 (maintenance release)
     Improvements:
       + decompiler: improve handling of volatile reads (some were incorrectly propagated)
       + golang: apply reflection function prototypes to methods when available
       + golang: create function types from reflection metadata
       + PDB: support SP-relative local variables
       + UI: speed up Home/End/Digits navigation in sorted choosers
     Bugfixes
       BUGFIX: debugger: IDA could lock up if the remote debug server stopped responding
       BUGFIX: decompiler: fix interrs when decompiling functions with >64 arguments
       BUGFIX: decompiler: fixed infinite loop while analyzing some golang binaries
       BUGFIX: decompiler: fixed multiple interrs
       BUGFIX: disassembly: parentheses could be missing in complex offset expressions like "target-(base+N)"
       BUGFIX: golang: fixed an interr caused by slice types with circular dependencies
       BUGFIX: golang: remove unnecessary BUILTIN_SLICE type
       BUGFIX: idaclang would fail to store mangled symbols in the TIL, which means the prototypes would not be detected when loading the TIL with the "Load type library" action
       BUGFIX: idapython: IDA could crash if None was passed to some API calls
       BUGFIX: kernel: fixed interr 1007 that could occur when processing types with bitfields
       BUGFIX: kernel: get_item_size(BADADDR) could return huge values in some situations (should be 1)
       BUGFIX: UI: on Windows, IDA could produce a fatal error "CreateDIBSection failed" when trying to display a very wide hint
       BUGFIX: UI: Options>Compiler>Arguments setting was not saved in the database
  6. FindFunc is an IDA Pro plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string, or conform to various other constraints. This is not a competitor to tools like Diaphora or BinNavi, but it is ideal to find a known function in a new binary for cases where classical bindiffing fails.
  7. FindFunc is an IDA PRO plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string, or conform to various other constraints. This is not a competitor to tools like Diaphora or BinNavi, but it is ideal to find a known function in a new binary for cases where classical bindiffing fails.
     Filtering with Rules
     The main functionality of FindFunc is letting the user specify a set of “Rules” or constraints that a code function in IDA PRO has to satisfy. FF will then find and list all functions that satisfy ALL rules (so currently all Rules are in an AND-conjunction). Exception: Rules can be “inverted” to be negative matches. Such rules thus conform to “AND NOT”. FF will schedule the rules in a smart order to minimize processing time.
     Feature overview:
       • Currently, 6 Rules are available, see below
       • Code matching respects Addressing-Size-Prefix and Operand-Size-Prefix
       • Aware of function chunks
       • Smart scheduling of rules for performance
       • Saving/Loading rules from/to file in simple ascii format
       • Several independent Tabs for experimentation
       • Copying rules between Tabs via clipboard (same format as a file format)
       • Advanced copying of instruction bytes (all, opcodes only, all except immediate)
     Button “Search Functions” clears existing results and starts a fresh search, “Refine Results” considers only results of the previous search.
     Advanced Binary Copying
     A secondary feature of FF is the option to copy binary representation of instructions with the following options:
       • copy all -> copy all bytes to the clipboard
       • copy without immediate -> blank out (AA ?? BB) any immediate values in the instruction bytes
       • opcode only -> will blank out everything except the actual opcode(s) of the instruction (and prefixes)
  8. efiXplorer – IDA plugin for UEFI firmware analysis and reverse engineering automation
     Supported versions of Hex-Rays products: every time we focus on the latest versions of IDA and Decompiler because we try to use the most recent features from new SDK releases. That means we tested only on recent versions of Hex-Rays products and do not guarantee stable work on previous generations.
     Why not IDApython: all code is developed in C++ because it’s a more stable and performant way to support a complex plugin and get the full power of the most recent SDK’s features.
     Supported Platforms: Win, Linux, and OSX (x86/x64).
     Changelog v4.1
       • [new feature] Improved SMI handlers recognition to support: SxSmiHandler, IoTrapSmiHandler, UsbSmiHandler, etc.
       • [new feature] Improved child SW SMI handlers recognition and now annotated as ChildSwSmiHandler.
       • [new feature] Added visual representation for NVRAM variables and additional context in JSON report: address, service name, var name and var GUID.
       • [bug fix] Numerous improvements and bug fixes in code analyzer and firmware image loader
       • Moving to support of IDA SDK v7.7
  9. Introduction
     The VulFi (Vulnerability Finder) tool is a plugin to IDA Pro which can be used to assist during bug hunting in binaries. Its main objective is to provide a single view with all cross-references to the most interesting functions (such as strcpy, sprintf, system, etc.). For cases where a Hexrays decompiler can be used, it will attempt to rule out calls to these functions which are not interesting from a vulnerability research perspective (think something like strcpy(dst,"Hello World!")). Without the decompiler, the rules are much simpler (to not depend on architecture) and thus only rule out the most obvious cases.
  10. Obfuscation Detection
     Automatically detect obfuscated code and other state machines
     Scripts to automatically detect obfuscated code and state machines in binaries. Implementation is based on IDA 7.4+ (Python3). Check out the following blog posts for more information on the Binary Ninja implementation:
       • Automated Detection of Control-flow Flattening
       • Automated Detection of Obfuscated Code
       • Referenced Repository
     Note: Due to the recursive nature of plotting a dominator tree of every found function within the binary, the implementation and runtime overhead is expensive. As such, the flattening heuristic is omitted when the binary loaded has more than 50 functions. Functions will be skipped if the ctree structure is too large (more than 50 nodes) to prevent crashes.
     Changelog v1.7
       • Support for IDA 7.4+ (Including 7.7 onwards)
       • Added version check for deprecated API functions
  11. Overview
     Patching assembly code to change the behavior of an existing program is not uncommon in malware analysis, software reverse engineering, and broader domains of security research. This project extends the popular IDA Pro disassembler to create a more robust interactive binary patching workflow designed for rapid iteration. This project is currently powered by a minor fork of the ubiquitous Keystone Engine, supporting x86/x64 and Arm/Arm64 patching with plans to enable the remaining Keystone architectures in a future release. Special thanks to Hex-Rays for supporting the development of this plugin.
  12. Obfuscation Detection
     Automatically detect obfuscated code and other state machines
     Scripts to automatically detect obfuscated code and state machines in binaries. Implementation is based on IDA 7.4+ (Python3). Check out the following blog posts for more information on the Binary Ninja implementation:
       • Automated Detection of Control-flow Flattening
       • Automated Detection of Obfuscated Code
       • Referenced Repository
     Note: Due to the recursive nature of plotting a dominator tree of every found function within the binary, the implementation and runtime overhead is expensive. As such, the flattening heuristic is omitted when the binary loaded has more than 50 functions. Functions will be skipped if the ctree structure is too large (more than 50 nodes) to prevent crashes.
     Changelog v1.6
       • Refactor plugin handler
       • Removed duplicate banner print
       • Changed PLUGIN_FIX to PLUGIN_HIDE, user can just use Ctrl-Shift-H
       • Code cleanup in #5
  13. IDA Pro 7.6.210427 SP1 x64 + Hexrays, Hexarm & Hexmips Decompilers
     IDA Pro
     The best-of-breed binary code analysis tool, an indispensable item in the toolbox of world-class software analysts, reverse engineers, malware analysts and cybersecurity professionals.
     A powerful disassembler and a versatile debugger
     IDA Pro as a disassembler is capable of creating maps of their execution to show the binary instructions that are actually executed by the processor in a symbolic representation (assembly language). Advanced techniques have been implemented into IDA Pro so that it can generate assembly language source code from machine-executable code and make this complex code more human-readable. The debugging feature augmented IDA with the dynamic analysis. It supports multiple debugging targets and can handle remote applications. Its cross-platform debugging capability enables instant debugging, easy connection to both local and remote processes and support for 64-bit systems and new connection possibilities.
  14. Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service.
     Adding New Hash Algorithms
     The hash algorithm database is open source and new algorithms can be added on GitHub here. Pull requests are mostly automated and as long as our automated tests pass the new algorithm will be usable on HashDB within minutes.
     Installing HashDB
     Before using the plugin you must install the python requests module in your IDA environment. The simplest way to do this is to use pip from a shell outside of IDA. (pip install requests) Once you have the requests module installed simply copy the latest release of hashdb.py into your IDA plugins directory and you are ready to start looking up hashes!
     Use
     HashDB can be used to look up strings that have been hashed in malware by right-clicking on the hash constant in the IDA disassembly view and launching the HashDB Lookup client.
     Settings
     Before the plugin can be used to look up hashes the HashDB settings must be configured. The settings window can be launched from the plugins menu Edit->Plugins->HashDB.
  15. A curated list of IDA, x64DBG and OllyDBG plugins. IDA is a powerful disassembler and debugger that allows you to analyze binaries; it also includes a decompiler. X64DBG is an open-source x64/x32 debugger for Windows. OllyDbg is a 32-bit assembler level analysing debugger for Windows.
     Content
       • IDA Plugins
       • Ghidra Plugins
       • X64dbg Plugins
       • OllyDBG Plugins
  16. Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service.
     Adding New Hash Algorithms
     The hash algorithm database is open source and new algorithms can be added on GitHub here. Pull requests are mostly automated and as long as our automated tests pass the new algorithm will be usable on HashDB within minutes.
     Installing HashDB
     Before using the plugin you must install the python requests module in your IDA environment. The simplest way to do this is to use pip from a shell outside of IDA. (pip install requests) Once you have the requests module installed simply copy the latest release of hashdb.py into your IDA plugins directory and you are ready to start looking up hashes!
     1.7.1 Latest
     What's Changed
       • Fixed compatibility with Python 3.6, bumped version by @anthonyprintup in #22
  17. Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service.
     Adding New Hash Algorithms
     The hash algorithm database is open source and new algorithms can be added on GitHub here. Pull requests are mostly automated and as long as our automated tests pass the new algorithm will be usable on HashDB within minutes.
     Installing HashDB
     Before using the plugin you must install the python requests module in your IDA environment. The simplest way to do this is to use pip from a shell outside of IDA. (pip install requests) Once you have the requests module installed simply copy the latest release of hashdb.py into your IDA plugins directory and you are ready to start looking up hashes!
  18. Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service.
     Adding New Hash Algorithms
     The hash algorithm database is open source and new algorithms can be added on GitHub here. Pull requests are mostly automated and as long as our automated tests pass the new algorithm will be usable on HashDB within minutes.
     Installing HashDB
     Before using the plugin you must install the python requests module in your IDA environment. The simplest way to do this is to use pip from a shell outside of IDA. (pip install requests) Once you have the requests module installed simply copy the latest release of hashdb.py into your IDA plugins directory and you are ready to start looking up hashes!
  19. by Argus Cyber Security Ltd. The IDA Pattern Search plugin adds a capability of finding functions according to bit-patterns into the well-known IDA Pro disassembler based on Ghidra’s function patterns format. Using this plugin, it is possible to define new patterns according to the appropriate CPU architecture and analyze the target binary to find and define new functions in it. For more detailed information, including Ghidra's format for bit-patterns and how to generate new patterns, check out our blog post about this plugin.
  20. Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service.
     Adding New Hash Algorithms
     The hash algorithm database is open source and new algorithms can be added on GitHub here. Pull requests are mostly automated and as long as our automated tests pass the new algorithm will be usable on HashDB within minutes.
     Using HashDB
     HashDB can be used to look up strings that have been hashed in malware by right-clicking on the hash constant in the IDA disassembly view and launching the HashDB Lookup client.
     Settings
     Before the plugin can be used to look up hashes the HashDB settings must be configured. The settings window can be launched from the plugins menu Edit->Plugins->HashDB.
  21. Diaphora is a plugin for IDA Pro that aims to help in the typical BinDiffing tasks. It’s similar to other competitor products and open source projects like Zynamics BinDiff, DarunGrim, or TurboDiff. However, it’s able to perform more actions than any of the previous IDA plugins or projects.
     Diaphora is distributed as a compressed file with various files and folders inside it. The structure is similar to the following one:
       • diaphora.py: The main IDAPython plugin. It contains all the code of the heuristics, graphs displaying, export interface, etc…
       • jkutils/kfuzzy.py: This is an unmodified version of the kfuzzy.py library, part of the DeepToad project, a tool and a library for performing fuzzy hashing of binary files. It’s included because fuzzy hashes of pseudo-codes are used as part of the various heuristics implemented.
       • jkutils/factor.py: This is a modified version of a private malware clusterization toolkit based on graphs theory. This library offers the ability to factor numbers quickly in Python and, also, to compare arrays of prime factors. Diaphora uses it to compare fuzzy AST hashes and call graph fuzzy hashes based on small-primes-products (an idea coined and implemented by Thomas Dullien and Rolf Rolles first, authors or former authors of the Zynamics BinDiff commercial product, in their “Graph-based comparison of Executable Objects – Zynamics” paper).
       • Pygments/: This directory contains an unmodified distribution of the Python pygments library, a “generic syntax highlighter suitable for use in code hosting, forums, wikis or other applications that need to prettify source code”.
  22. FindYara
     Use this IDA python plugin to scan your binary with Yara rules. All the Yara rule matches will be listed with their offset so you can quickly hop to them!
     Using FindYara
     The plugin can be launched from the menu using Edit->Plugins->FindYara or using the hot-key combination Ctrl-Alt-Y. When launched the FindYara will open a file selection dialogue that allows you to select your Yara rules file. Once the rule file has been selected FindYara will scan the loaded binary for rule matches. All rule matches are displayed in a selection box that allows you to double click the matches and jump to their location in the binary.
  23. Karta - source code assisted fast binary matching plugin for IDA.
  24. Obfuscation Detection
     Automatically detect obfuscated code and other state machines
     Scripts to automatically detect obfuscated code and state machines in binaries. Implementation is based on IDA 7.4+ (Python3). Check out the following blog posts for more information on the Binary Ninja implementation:
       • Automated Detection of Control-flow Flattening
       • Automated Detection of Obfuscated Code
       • Referenced Repository
     Note: Due to the recursive nature of plotting a dominator tree of every found function within the binary, the implementation and runtime overhead is expensive. As such, the flattening heuristic is omitted when the binary loaded has more than 50 functions. Functions will be skipped if the ctree structure is too large (more than 50 nodes) to prevent crashes.
     Changelog v1.5
     GUI Features:
       • QTable Heuristic result view
       • Node limiting
       • Single/All function heuristic search
       • Heuristic result export
     Heuristic Features:
       • Control-Flow Flattening
       • Cyclomatic Complexity
       • Basic Block Size
       • Instruction Overlapping
  25. Obfuscation Detection
     Automatically detect obfuscated code and other state machines
     Scripts to automatically detect obfuscated code and state machines in binaries.
     obfDetect v1.4
     Heuristic Features:
       • Control-Flow Flattening
       • Cyclomatic Complexity
       • Basic Block Size
       • Instruction Overlapping