[Tools] Various Reversing Tools

[atom0s 10]

Some tools for those getting started in reversing. Keep in mind, a lot of these tools have plugins available and a lot of them are make/break without plugins. So do your research and get the plugins

 

IDA 6.5 (Recently leaked.)

 - Main program: 

Please login or register to see this link.

 - Plugins (HexRays decompiler etc.): 

Please login or register to see this link.

 

The 6.5 leak is a minor improvement to the previous leaks but it does not really offer much that can't be done with the previous known leaks. This is just a recent leak that some may find useful after being stuck with the older version(s) or demo for so long.

 

There are a lot of scrips and plugins for IDA on various scene / team websites, I encourage you to take a look for them. A lot of them can come in handy when working with various packers / protectors, as well as rebuilding information from vtables etc.

 

OllyDbg

 - v1: 

Please login or register to see this link.

 - v2: 

Please login or register to see this link.

 

OllyDbg is a debugger that is HIGHLY extendable via plugins. There are various sites that you can obtain popular plugins from. I will not give direct links as I do not want to break the advertisement rule, but search for sites like Tuts4You.

 

PEiD (Protection Detector)

 - v0.95: 

Please login or register to see this link.

 

PEiD is one of the oldest and well known protection detectors. However it has been long since discontinued. It is also another application that is highly extendable via plugins. You are recommended to locate them as well. Also, PEiD can load external user databases for detection patterns. It is recommended you find an updated pattern database as the internal one is for older protectors.

 

.NET Decompilers

 - ILSpy: 

Please login or register to see this link.

 - dotPeek: 

Please login or register to see this link.

[leetone 26]

The Hex Ray Decompilers are not complete, there isn't a working leak for any assemblies besides ARM I think. Anyways, everybody has their hopes up someday for 6.6

[atom0s 10]

The Hex Ray Decompilers are not complete, there isn't a working leak for any assemblies besides ARM I think. Anyways, everybody has their hopes up someday for 6.6

 

The plugin pack includes:

 - hexarm

 - hexrays (for x86)

 - hexrays_tools

 - smartdec

 - smartdec 64bit

 

So not sure what you mean by not complete. Sure, Hex Rays 64bit is not included, but the traditional leaks of IDA never included it in the past either. I'd say this is more complete then the previous versions as it is including HexArm unlike before. 

 

As for 6.6 I don't see it getting leaked anytime soon. I say this because of the nature in which 6.5 was leaked. It landed up getting leaked because someone leaked the hexarm decompiler plugin. I doubt that person is going to be given any internal team copies of any IDA related software anymore.

 

But I do look forward to possibly seeing it one day too.

[Casca 5]

IDA 6.5 ? Holy shit, thanks mate.

[SND 215]

my favourite tools are 

 

IDA 6

x64dbg which is open source olly clone but better

protectionID

DUP