EloiStree
commented
5 months ago https://chat.openai.com/share/b4aa3825-85b3-4a42-9fbe-50e1bf62c1df
| Tool | Description |
|---|---|
| WinDbg | Powerful debugger for Windows, useful for memory and code analysis. |
| IDA Pro | Disassembler and debugger with advanced features for reverse engineering. |
| x64dbg | Open-source debugger for Windows with a user-friendly interface. |
| OllyDbg | Popular debugger for Windows, suitable for beginners. |
| GDB (GNU Debugger) | Cross-platform debugger for Unix-like systems, supports multiple languages. |
| Immunity Debugger | Debugger with a Python API, designed for analyzing binaries and malware. |
| Radare2 | Open-source framework for reverse engineering, including a disassembler and debugger. |
| Cheat Engine | Memory inspection and manipulation tool, commonly associated with game cheating. |
| Process Explorer | Windows Sysinternals tool providing detailed information about processes, including memory usage. |
| Sysinternals Suite | Collection of advanced system utilities for Windows, including tools like Procmon and Autoruns. |
| Frida | Dynamic instrumentation toolkit that allows you to inject scripts into running processes. |
| Wireshark | Network protocol analyzer that can capture and analyze data, including memory-related interactions. |
| IDA Free | Free version of IDA Pro offering limited features for basic analysis. |
| PyDbg | Python library for Windows that provides debugging primitives, including memory access. |
| Manticore | Symbolic execution tool for binary analysis, including memory analysis. |
| YARA | Tool for pattern matching in files and streams, can be adapted for memory analysis. |
| Scylla and OllyDumpEx | Tools for dumping the memory of a process, commonly used in reverse engineering. |
| dnSpy | .NET debugger and assembly editor, useful for analyzing .NET applications. |
| Voltron | Debugger UI for GDB and LLDB, providing a modular interface for visualizing and interacting. |
| Wireshark | Network packet analyzer, also useful for inspecting network-related memory interactions. |
| ProcDump | Windows Sysinternals utility for capturing process dumps based on various triggers. |
| API Monitor | Tool for monitoring and displaying API calls made by applications, aiding memory analysis. |
| Ghidra | Open-source reverse engineering framework with disassembly, decompilation, and scriptability. |
| Memoryze | Memory analysis tool by FireEye for incident response and forensic analysis. |
| IDA Free | Free version of IDA Pro, offering limited features but suitable for basic analysis. |
| x64dbg | Open-source debugger for Windows with a graphical interface, ideal for beginners. |
| Ghidra | Powerful, open-source reverse engineering framework with a user-friendly interface. |
| OllyDbg | Popular debugger for Windows, widely used and relatively user-friendly. |
| Wireshark | Network protocol analyzer with a graphical interface, suitable for memory interaction analysis. |
| Volatility | Open-source memory forensics framework, powerful but may have a steeper learning curve. |
| IDA Free | Free version of the IDA Pro disassembler, offering basic features for reverse engineering. |
| x64dbg | User-friendly, open-source debugger for Windows, suitable for beginners. |
| GDB (GNU Debugger) | Cross-platform debugger with support for multiple languages and platforms. |
| LDB (LLDB Debugger) | Debugger that is part of the LLVM project, commonly used on macOS and Linux. |
| Memoryze | Volatility plugin for memory analysis, aiding in identifying injected code and modifications. |
| Yara-python | Python interface to YARA for pattern matching in memory. |
| Binwalk | Tool for analyzing and extracting firmware images, useful for memory analysis in embedded systems. |
| Rekall Framework | Open-source memory analysis framework for live analysis on Windows, Linux, and macOS. |
| Sysdig | Container-native monitoring and troubleshooting tool, useful for system and application memory analysis. |
| Scapy | Python-based interactive packet manipulation program and library for network traffic analysis. |
| R2Pipe | Utilities that allow Radare2 to be used as a library, enabling scripting and automation. |
| Pwndbg | GDB plugin for exploit development and reverse engineering, enhancing GDB for memory analysis. |
| Malfind | Volatility plugin for identifying injected code and suspicious modifications in process memory. |
| Yara-python | Python interface to YARA, allowing pattern matching in memory. |
| HeapDump | Tool for capturing and analyzing heap memory dumps, helpful in identifying memory-related issues. |
| BinDiff | Binary code analysis tool for identifying and understanding changes between different versions. |
| medusa | Disassembler designed for malware analysis, aiding in understanding code flow and function calls. |
| Reversing Labs Titanium Platform | Commercial platform for threat intelligence and analysis, including memory analysis capabilities. |
| Redline by FireEye | Tool for endpoint security and analysis, including memory analysis features for incident response. |
https://youtu.be/eUnzO_Ususw?t=705