Exploit the possiblities
Showing 1 - 25 of 44 RSS Feed

Files

Linux_Memory_Tools-0.2.tar.gz
Posted Oct 3, 2006
Authored by Pierre BETOUIN | Site securitech.homeunix.org

Linux Memory tools are a set of Linux tools (Python, C and ASM) which aim is to facilitate exploit development. These tools can be used to dump process memory, search for patterns and quickly find OPCODEs location addresses (instructions and mnemonics are functional but still in development). OPCODE search is possible on an instant memory snapshot or using a file dump. These tools are been quickly coded and should be considered as helpful scripts. Return addresses or shellcode locations can be found instantly.

tags | shellcode, python
systems | linux
MD5 | ee818078aefb095992a0780c0ca86651
PaiMei-1.0-REV88.zip
Posted Jul 26, 2006
Authored by Pedram Amini | Site openrce.org

PaiMei is a reverse engineering framework consisting of multiple extensible components. The goal of the framework is to reduce the time from "idea" to prototype to a matter of minutes, instead of days. PaiMei is written entirely in Python and exposes at the highest level a debugger, a graph based binary abstraction and a set of utilities for accomplishing various repetitive tasks. The framework can essentially be thought of as a reverse engineer's swiss army knife and has already been proven effective for a wide range of both static and dynamic tasks such as: fuzzer assistance, code coverage tracking, data flow tracking and more.

tags | python, fuzzer
systems | linux
MD5 | c6c346b11574ff33f6fd33bb5b843f60
disit01A.zip
Posted Feb 2, 2006
Authored by Piotr Bania | Site piotrbania.com

Disit is a new open source disassembler engine.

systems | linux
MD5 | 27e20a6021807b4697c92d801b0567d6
elf-0.5.4p1.tar.gz
Posted Sep 9, 2004
Authored by Samy | Site kerneled.org

elf is a command-line tool that allows a user, be it a script or a human, to analyze the contents of an ELF object file header. This header contains various integral values such as the virtual entry point of the object file, the machine architecture it was compiled for and more.

systems | linux
MD5 | 764d94eaa8f4ef6bdd12994a507fd9fc
reverse_backdoored_binaries.txt
Posted Apr 19, 2004
Authored by Chris | Site cr-secure.net

Well written whitepaper about reverse engineering backdoored binaries. It is meant for the beginner reverse engineer with some knowledge of ELF, C, x86 ASM, and Linux.

tags | x86
systems | linux
MD5 | 44254a0ab92d356cf69959d3c8060f44
rec16lx.zip
Posted Dec 14, 2003
Site backerstreet.com

REC is a portable reverse engineering decompiler which reads an executable file and attempts to produce a C-like representation of the code and data used to build it. It can decompile 386, 68k, PowerPC, and MIPS R3000 programs and recognizes the following file formats: ELF (System V Rel. 4, e.g. Linux, Solaris, etc.), COFF (System V Rel. 3.x, e.g. SCO), PE (Win32 .EXE and .DLL for Microsoft Windows 95 and NT), AOUT (BSD derivatives, e.g. SunOS 4.x), Playstation PS-X (MIPS target only), and raw binary data (via .cmd files).

systems | linux, windows, 9x, solaris, bsd, 32
MD5 | a347303252e10cba03e8f0d29d91d33d
valgrind-2.0.0.tar.bz2
Posted Nov 21, 2003
Authored by Nick Nethercote | Site valgrind.kde.org

Valgrind is a GPL'd tool to help you find memory-management problems in your programs. When a program is run under Valgrind's supervision, all reads and writes of memory are checked, and calls to malloc/new/free/delete are intercepted. You can use it to debug most dynamically linked ELF x86 executable, without modification, recompilation, or anything. If you want, Valgrind can start GDB and attach it to your program at the point(s) where errors are detected, so that you can poke around and figure out what was going on at the time.

tags | x86
systems | linux
MD5 | 1f6a90d0ca494fb75eaeef498e8252b5
procshow-1.0.tar.gz
Posted Oct 9, 2003
Authored by zb0, cuco | Site procshow.whatever.org.ar

Procshow is a tool to analyze live processes. It shows ELF information as objdump, nm, readelf, etc but using a file in a runtime state. It helps an end user learn about a process, detect anomalies, backdoors, and holds various other uses.

systems | linux
MD5 | a289e7404f6725f20f3d49406b4b0660
elfsh-0.51b3-portable.tgz
Posted Sep 13, 2003
Authored by Mayhem | Site elfsh.devhell.org

Elf Shell v0.51b3-portable is an automated reverse engineering tool with read/write capability for the ELF format. Sophisticated output with cross references using .got, .ctors, .dtors, .symtab, .dynsym, .dynamic, .rel.* and many other with an integrated hexdump. Designed for Linux. All calls encapsulated in libelfsh.a, so the elfsh API is really reusable.

Changes: It works on Linux, NetBSD, FreeBSD, and Solaris for the INTEL and SPARC architectures. It provides ET_REL injection into ET_EXEC for both arch, and INTEL control flow graphs, as well as a lot of new improvements, as featured lastly in The Cerberus ELF interface article in phrack #61.
tags | shell
systems | linux
MD5 | e8073d475e82dc911a7ebfa6f2567719
anti-ptrace.txt
Posted Apr 16, 2003
Authored by netric, Sacrine | Site netric.org

Linux LKM that disables ptrace abilities in the 2.4.x kernels.

tags | kernel
systems | linux
MD5 | 733b5e9e6be20f03180a6fce8f8f6c07
oOps.c
Posted Jan 5, 2003
Authored by Gunzip

oOps.c grabs hardcoded strings from binary files. Shows rootkit passwords and other information that is encoded character at a time to avoid binary examination like the strings command. Tested on Linux.

systems | linux
MD5 | c16cd712e1571f6a4b3095de4011a13e
LDasm-0.04.53.tar.gz
Posted Dec 18, 2002
Authored by Ravemax | Site rover.wiesbaden.netsurf.de

LDasm (Linux Disassembler) is a Perl/Tk-based GUI for objdump/binutils that tries to imitate the look and feel of W32Dasm. It searches for cross-references (e.g. strings), converts the code from GAS to a MASM-like style, and much more.

Changes: Fileoffset is calculated and is displayed. Screen shot here.
tags | perl
systems | linux
MD5 | db571e90f47d43062072b6131c639ee6
anti-anti-dbg.c
Posted Nov 2, 2002
Authored by Slacko

anti-anti-debug is a Linux kernel module that is used to stop the technique currently implemented into closed source Linux binaries that disallow or restrict debugging and tracing with tools like gdb and strace.

tags | kernel
systems | linux
MD5 | 493e3fcae4f98e41bdf3da4e042f4bd4
elfsh-0.43b-portable.tgz
Posted Jul 6, 2002
Authored by Mayhem | Site devhell.org

Elf Shell v0.43b-portable is an automated reverse engineering tool with read/write capability for the ELF format. Sophisticated output with cross references using .got, .ctors, .dtors, .symtab, .dynsym, .dynamic, .rel.* and many other with an integrated hexdump. Designed for Linux. All calls encapsulated in libelfsh.a, so the elfsh API is really reusable. Sample output here.

Changes: Bigger testsuite, documentation improved, minor bugs and typo fixed, Improved portability - still working on Redhat, Debian, Slackware Linux, NetBSD and FreeBSD current.
tags | shell
systems | linux
MD5 | 328d567e1f0f6c0411ccf51c5ea57a4f
examiner-0.4.tar.gz
Posted Jul 4, 2002
Authored by Craig Smith | Site AcademicUnderground.org

The Examiner is a tool to analyze foreign binary executables. The goal of is to be able to get output similar to strace without executing the binary in question. Uses the objdump command to disassemble and comment binaries. This tool was designed for forensic purposes but could be used for basic reverse-engineering goals as well.

systems | linux
MD5 | b54af6041cacbbdea2ecb0ed95bce2b1
bastard-0.14.tgz
Posted Dec 9, 2001
Site bastard.sourceforge.net

A disassembler written for disassembly of x86 ELF targets on Linux (other file formats/CPUs can be 'plugged in'). Written as a backend or engine -- the UI is a command line; support for controlling the disassembler via pipes or FIFOs is provided. Note that this disassembler does not rely on libopcodes to do its disassembly; rather, the 'libi386' plugin is a standard .so that can be reused by other projects.

Changes: Bugs in the disassembler (disp32, 0x0F bugs) have been fixed. A GUI frontend has been added to the main Makefile, and autogen/configure has been replaced with more simple, more reliable Makefiles.
tags | x86
systems | linux
MD5 | b3ccebb3fab7124cfd58ecf43782c7c2
bastard_src-0.10.tgz
Posted Sep 3, 2001
Site bastard.sourceforge.net

A disassembler written for disassembly of x86 ELF targets on Linux (other file formats/CPUs can be 'plugged in'). Written as a backend or engine -- the UI is a command line; support for controlling the disassembler via pipes or FIFOs is provided. Note that this disassembler does not rely on libopcodes to do its disassembly; rather, the 'libi386' plugin is a standard .so that can be reused by other projects.

Changes: Added extensions (modules for CPU, assembler, source language, and also plugins). Wrote a basic Tk frontend, and added support for structures.
tags | x86
systems | linux
MD5 | d9da18ea56712f37e641bda4019cea79
bastard-0.08.tgz
Posted Apr 15, 2001
Site bastard.sourceforge.net

A disassembler written for disassembly of x86 ELF targets on Linux (other file formats/CPUs can be 'plugged in'). Written as a backend or engine -- the UI is a command line; support for controlling the disassembler via pipes or FIFOs is provided. Note that this disassembler does not rely on libopcodes to do its disassembly; rather, the 'libi386' plugin is a standard .so that can be reused by other projects.

Changes: The base functionality is there, but the code is not complete. The program depends upon: libreadline [not included], typhoon RDB [included], and seer interpreter [included]. Basic [non-FPU, non-MMX, etc] x86 instructions are supported. Work is currently being done on adding higher-level disassembly[/decompilation] features. As of .08, address naming, subroutine recognition, xrefs, and library imports are functional. Strings are 'in the works.' Documentation is sparse.
tags | x86
systems | linux
MD5 | 12d9b2989602954eb53a2ed64f701623
hypersrc-3.0.3.tar.gz
Posted Jan 25, 2001
Authored by Jim Brooks | Site jimbrooks.org

hypersrc is a GUI program for browsing source code, which uses GTK+. It provides a list widget containing sorted source code tags. A programmer can click a tag to hyperlink to a particular tagged line in a source code file. Screenshot here.

Changes: Hypersrc now displays a tree view of function call relationships in the source code.
systems | linux
MD5 | 5650f70aabbe0c882108300eaa8d9248
hypersrc-2.1.6.tar.gz
Posted Jan 3, 2001
Authored by Jim Brooks | Site jimbrooks.org

hypersrc is a GUI program for browsing source code, which uses GTK+. It provides a list widget containing sorted source code tags. A programmer can click a tag to hyperlink to a particular tagged line in a source code file. Screenshot here.

Changes: Fixed all known segfaults.
systems | linux
MD5 | 992fbec325b7a06225603aca670af082
gvd-1.0.1-linux.gz
Posted Dec 2, 2000
Site libre.act-europe.fr

GVD is a general purpose graphical debugger frontend. It features advanced data display and visualization capabilities, and allows the debugging of multi-process/multi-threaded applications in the same debugging session. GVD works with native and cross-debuggers and can handle several languages in the same debugging session and the same application. C and Ada are supported. GVD can run on a host different from the machine where the debugger is running and provides friendly support for cross-debuggers (VxWorks, Lynx, etc.). For instance, you can use Linux or Windows to debug an application running on a Power PC board with a debugger running on a Sun workstation.

systems | linux, windows
MD5 | d5a4f12782f729048d9b1af98f4725e9
sdebug.tgz
Posted Nov 10, 2000
Authored by Sector X | Site xorteam.cjb.net

Segment debugger is an ELF binary segment scanner with a console ncurses interface. its currently in alpha stages and features only stack phrase, and double word searching.

systems | linux
MD5 | d9d6a874652a1b7427ba07f6df3c257f
biew-520.tar.bz2
Posted Oct 30, 2000
Authored by Nick Kurshev | Site biew.sourceforge.net

Biew is Binary vIEWer with built-in editor for binary, hexadecimal and disassembler modes. It contains a PentiumIII/K7Athlon/Cyrix-M2 disassembler, full preview of MZ, NE, PE, LE, LX, DOS.SYS, NLM, arch, ELF, a.out, coff32, PharLap, and rdoff executable formats, a code guider, a text viewer with russian codepages support, and many other features.

Changes: A Pentium IV disassembler, improved documentation, and lots of various enhancements and bugfixes.
systems | linux
MD5 | fa1a992ce9abd7538e7fc4ac23023c4d
repeat.tar.gz
Posted Aug 9, 2000
Authored by The Grugq

The Reverse Engineer's Patcher is the first byte patcher for UNIX systems. It will compare two binaries and produce a patch in C.

systems | linux, unix
MD5 | 789bfd8669711efdf2def87f1fd9b4b7
SN451.tar.gz
Posted Jul 23, 2000
Site sources.redhat.com

Source-Navigator is a source code analysis tool. With it, you can edit source code, display relationships between classes and functions and members, display call trees, and build projects.

systems | linux
MD5 | 0db736f55a930b0074c10ad2be79a5eb
Page 1 of 2
Back12Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
PlexCoin Scam Founder Sentenced To Jail And Fined $10k
Posted Dec 10, 2017

tags | headline, cybercrime, fraud, scam, cryptography
Google Lifts Lid On FBI Data Requests: Now You Can Read Actual Letters Online
Posted Dec 9, 2017

tags | headline, government, privacy, usa, google, fbi
Android Flaw Lets Attack Code Slip Into Signed Apps
Posted Dec 9, 2017

tags | headline, malware, phone, flaw, google
Millions Stolen In NiceHash Bitcoin Heist
Posted Dec 9, 2017

tags | headline, hacker, cybercrime, fraud, cryptography
Apple HomeKit Flaw Left Smart Gadgets Vulnerable
Posted Dec 9, 2017

tags | headline, flaw, apple
Intel Management Engine Pwned By Buffer Overflow
Posted Dec 7, 2017

tags | headline, hacker, flaw, conference, intel
Google Steps Up Browser Rivalry With Site Isolation Security
Posted Dec 7, 2017

tags | headline, google, chrome
Ajit Pai Falsely Claims Killing Net Neutrality Helps The Sick
Posted Dec 7, 2017

tags | headline, government, usa, fraud
Bitcoin Breaks Through The $15,000 Mark
Posted Dec 7, 2017

tags | headline, cryptography
CryptoKitties Craze Slows Down Transactions On Ethereum
Posted Dec 6, 2017

tags | headline, denial of service, cryptography
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close