Tools

On this page we collect some of the tools, mental wankery and, in general, assorted exercises in onanism created by the brainless folks at 48bits, presented in strict analphabetic order:

  • Deeptoad: A Python library and tool to cluster similar files using fuzzy hashing techniques. By Joxean.
  • Inguma: Inguma is a free penetration testing and vulnerability discovery toolkit written entirely in Python. The framework includes modules to discover hosts, gather information about them, fuzz targets, brute-force usernames and passwords, and run exploits, plus a disassembler. By Hugo «Who?» Teso and Joxean «No Photos» Koret.
  • Ioctlizador: Tool designed to find vulnerable drivers in Windows systems. It intercepts all IOCTLs whose transfer type is METHOD_NEITHER and checks whether the output buffer’s pointer is properly validated. By Zohiartze Herce.
  • Kartoffel: Kartoffel is an extensible command-line tool developed with the aim of helping developers test the security and reliability of a driver. By Rubén «Shining Star» Santamarta.
  • Kojoney: Low-level SSH honeypot, written entirely in Python. By, again, Joxean.
  • OllySSEH: This plugin scans the modules loaded by a process in memory, checking whether they were compiled with /SafeSEH; if so, it can list the registered handlers (you can follow them in the CPU window by double-clicking). By Mario «Asalta-Yacuzzis» Ballano.
  • Pyew: A Python tool oriented mainly towards malware analysis. It supports hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), the PE and ELF file formats (it does code analysis the right way), following direct call/jmp instructions, the OLE2 format, the PDF format (limited) and more. By Joxean «look for a hobby» Koret.
  • Radare: Set of tools following a *nix-like design, aiming to help with reverse engineering tasks. Based on a hexadecimal editor with an integrated disassembler for various architectures, a debugger, bindiffing, code analysis, and much more. There are bindings for various scripting languages such as Perl, Ruby, Python and Lua. By pancake.
  • Smdetect: A PoC of VMM detection through samepage merging. By erg0t.
  • Xaray: A shabby program created for practicing the x-ray technique; it is meant to serve as a small template on which you can build any x-ray related tool you may need. By Mario «Where is my Pulpo» Ballano.
  • Yara: YARA is a tool aimed at helping malware researchers identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained in samples of those families. By «Grandpa» Víctor.
  • Zero Wine: Zero Wine is a malware behavior analysis tool. Just upload your suspicious PE file through the web interface and let it analyze the behavior of the process. By..? Of course, Joxean!