Open EloiStree opened 5 months ago
https://chat.openai.com/share/b4aa3825-85b3-4a42-9fbe-50e1bf62c1df
Tool | Description |
---|---|
WinDbg | Powerful debugger for Windows, useful for memory and code analysis. |
IDA Pro | Disassembler and debugger with advanced features for reverse engineering. |
x64dbg | Open-source debugger for Windows with a user-friendly interface. |
OllyDbg | Popular debugger for Windows, suitable for beginners. |
GDB (GNU Debugger) | Cross-platform debugger for Unix-like systems, supports multiple languages. |
Immunity Debugger | Debugger with a Python API, designed for analyzing binaries and malware. |
Radare2 | Open-source framework for reverse engineering, including a disassembler and debugger. |
Cheat Engine | Memory inspection and manipulation tool, commonly associated with game cheating. |
Process Explorer | Windows Sysinternals tool providing detailed information about processes, including memory usage. |
Sysinternals Suite | Collection of advanced system utilities for Windows, including tools like Procmon and Autoruns. |
Frida | Dynamic instrumentation toolkit that allows you to inject scripts into running processes. |
Wireshark | Network protocol analyzer that can capture and analyze data, including memory-related interactions. |
IDA Free | Free version of IDA Pro offering limited features for basic analysis. |
PyDbg | Python library for Windows that provides debugging primitives, including memory access. |
Manticore | Symbolic execution tool for binary analysis, including memory analysis. |
YARA | Tool for pattern matching in files and streams, can be adapted for memory analysis. |
Scylla and OllyDumpEx | Tools for dumping the memory of a process, commonly used in reverse engineering. |
dnSpy | .NET debugger and assembly editor, useful for analyzing .NET applications. |
Voltron | Debugger UI for GDB and LLDB, providing a modular interface for visualizing and interacting. |
ProcDump | Windows Sysinternals utility for capturing process dumps based on various triggers. |
API Monitor | Tool for monitoring and displaying API calls made by applications, aiding memory analysis. |
Ghidra | Open-source reverse engineering framework with disassembly, decompilation, and scriptability. |
Memoryze | Memory analysis tool by FireEye for incident response and forensic analysis. |
Volatility | Open-source memory forensics framework, powerful but may have a steeper learning curve. |
LLDB (LLVM Debugger) | Debugger that is part of the LLVM project, commonly used on macOS and Linux. |
Yara-python | Python interface to YARA for pattern matching in memory. |
Binwalk | Tool for analyzing and extracting firmware images, useful for memory analysis in embedded systems. |
Rekall Framework | Open-source memory analysis framework for live analysis on Windows, Linux, and macOS. |
Sysdig | Container-native monitoring and troubleshooting tool, useful for system and application memory analysis. |
Scapy | Python-based interactive packet manipulation program and library for network traffic analysis. |
R2Pipe | Utilities that allow Radare2 to be used as a library, enabling scripting and automation. |
Pwndbg | GDB plugin for exploit development and reverse engineering, enhancing GDB for memory analysis. |
Malfind | Volatility plugin for identifying injected code and suspicious modifications in process memory. |
HeapDump | Tool for capturing and analyzing heap memory dumps, helpful in identifying memory-related issues. |
BinDiff | Binary code analysis tool for identifying and understanding changes between different versions. |
medusa | Disassembler designed for malware analysis, aiding in understanding code flow and function calls. |
ReversingLabs Titanium Platform | Commercial platform for threat intelligence and analysis, including memory analysis capabilities. |
Redline by FireEye | Tool for endpoint security and analysis, including memory analysis features for incident response. |
https://youtu.be/eUnzO_Ususw?t=705