OpenRCE

s Homepage Created by Daniel Pistelli, a freeware suite of tools including a PE editor called CFF Explorer and a process viewer. The PE editor has full support for PE32/64. Special fields description and modification (.NET supported), utilities, rebuilder, hex editor, import adder, signature scanner, signature manager, extension support, scripting, disassembler, dependency walker etc. First PE editor with support for .NET internal structures. Resource Editor (Windows Vista icons supported) capable of handling .NET manifest resources. - Explorer Suite (Multi-Platform Version, Recommended)SHA1: 89CAB44D4956210570AB3123FBF13B2B7D870B91 - CFF Explorer (x86 Version, stand-alone, Zip Archive)SHA1: 7A287CD97BD9287C020C98C3496E284D04F5382D - CFF Explorer Extensions Repository The CFF Explorer was designed to make PE editing as easy as possible, but without losing sight on the portable executable's internal structure. Also, it's the first PE editor with full support for the .NET file format. Useful links:

Where to start in Reverse Engineering? « malwarereversing Well given the recent take down of reverse-engineering.net for unknown reasons I’ve decided to mirror some content here. I’ve formatted out some of the bits like user posts identities and cleaned up some formatting. Other than that I have NOT link checked so not sure what are good/bad links here. Hope you find it useful and woodmann.com will probably mirror the entire archive before to long. What do I learn first? —>>path 1: 1 ) visit to view some reversing videos that train you in the RCE basis. 2 ) check to find some visual solution submitted for crackmes. 3 ) Try to repeat the shown steps, and reproduce them with other crackmes. —>> path 2: 1. 1. Course for Newbies Very Assembler Basis, SICE Usage, Basic Techniques. 2. 3. (note: material for learning languages is in the appropriate section!) Cryptography Tutorials (ECC) Art of Disassembly E-BOOK

ARTeam Website: News Welcome to the new ARTeam web site. Read the rules and enjoy our usual releases (tutorials, ezine, tools and crackmes), plus the forum. Not much to say, happy staying (remember the linkus button if you wanna support this community visibility). : if you have any problem with the material we share or host here (the things we do) please contact us on forum or via mail. We are here to defend our idea of freedom of speech and fair RCE, but as well we are also widely open to collaborate in solving any possible problem this idea might create. 07/01 : new forum now online Hi all,totally brand new forum is now online. 06/04 : eZines now online at issuu Hi all, the 4 issues of our ezine coul be seen online at issuu.com, of course it's just a preview, because all the attachments are missing, but it's nice to see our ezine resembling a normal journal.. Issue 1 Issue 2 Issue 3 Issue 4 {*style:<b> Submitted by ARTeam </b>*} 06/04 : ARTeam New Site opening New site! Shub

[C/C++] Reverse Engineering Tutorial for newbies --------------------------------------------------------- ---===> Reverse Engineering Tutorial <===--- --==> For Beginners <==-- on Windows --------------------------------------------------------- -= SECTION 1 (Misc. information) =-I. WHAT THIS TUTORIAL WILL COVERII. PREFACEIII. REQUIREMENTSIV. RECOMMENDATIONS -= SECTION 2 (WPM hack) =-I. -= SECTION 3 (DLL hack) =-I. APPENDIXES:A. Section 1WHAT THIS TUTORIAL WILL COVER:- General theory behind 'hacking' games- Usage of (C/C++) WriteProcessMemory function- Injection of code (patch jumping to a user-defined *.dll) PREFACE (skip if you want):This tutorial is aimed in a very general direction, towards helping people who have never really 'hacked'anything before, but want to try. REQUIREMENTS:- Knowledge of C or C++ (if you've only coded in C, know that "naked" is a C++ only keyword)- A compiler that is capable of inline, Intel syntax Assembly (MSVC is, but is not share/freeware) No, but really, it's the same logic! However! An example of use:

Reverse Engineering Team Reverse Engineering Brief Tutorial Jardinez Chez jB // CrackZ's Reverse Engineering Page (1997-2010). Contact Me E-Mail: CrackZ__(at)hotmail(dot)com (note 2 underscores). ICQ: #131635002. IRC: #cracking4newbies, EFnet. I welcome all of your comments, source code, information, scene news, Shania Twain concert tickets, suggestions & tutorial submissions, even the 404 reports which I will try to fix. Legal Notice After several legal problems, I am obliged to point out that this site is an information resource and copyrighted original work by the author. Message Boards The latest trend in our community seems now to be the 'Message Board', probably many of these existed a long time before I stumbled across them. ExeTools Forum - Although the ExeTool's site itself is now fairly out of date, the forum lives on and is frequented by some of the best (and worst) in the 'scene' for unpacking and tooling matters. Hex-Rays Forum - IDA's Forum, now requires a login. The RCE Forums - Formerly +Fravia's Message Board (R.I.P) now hosted longterm by Woodmann. Site Search Sub Sections Visitors & Webmasters

HxD - Freeware Hex Editor and Disk Editor | mh-nexus HxD is a carefully designed and fast hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size. The easy to use interface offers features such as searching and replacing, exporting, checksums/digests, insertion of byte patterns, a file shredder, concatenation or splitting of files, statistics and much more. Editing works like in a text editor with a focus on a simple and task-oriented operation, as such functions were streamlined to hide differences that are purely technical. For example, drives and memory are presented similar to a file and are shown as a whole, in contrast to a sector/region-limited view that cuts off data which potentially belongs together. Furthermore a lot of effort was put into making operations fast and efficient, instead of forcing you to use specialized functions for technical reasons or arbitrarily limiting file sizes. Features License HxD is free of charge for private and commercial use. What's new Notes

IDA Pro Support and FAQ What our customers say about us... "I purchased your IDA Professional product 1 year ago today and I can't say enough about how good the product and your level of support has been. The majority of my support requests were answered within hours. You guys even modified an entire processor module to add support for some new instructions and delivered it working flawlessly by the next day. Technical accuracy, expertise of the staff and response time are all so far above the industry gold standard that I can say it's probably #1 in the entire industry. For all of your clients and potential clients, I can solidly say that an ongoing support contract with Hex-Rays is money well spent!" Support Options Contact us by e-mail; we usually respond within 1 business day to all questions. Documentation On-Line IDA manual. Tutorials Downloads Demo & Freeware versions of IDA can be found in the download center, along with SDK and utilities Sample plugins Plugin contest submissions User contributions ...

Free Hex Editor Binary File Editing Software for Windows by HHD Software Ltd. You never find any other Free Hex Editor that Allows you to find data patterns in multi-gigabyte files in seconds. Free Hex Editor Neo is award-winning large files optimized freeware editor for everyone who works with ASCII, hex, decimal, float, double and binary data. Freeware Hex Editor Neo allows you to view, modify, analyze your hexadecimal data and binary files, edit, exchange data with other applications through the clipboard, insert new data and delete existing data, as well as perform other editing actions. Make patches with just two mouse clicks; manipulate your EXE, DLL, DAT, AVI, MP3, JPG files with unlimited undo/redo. This hex and binary code data editing software utility for Windows includes the following basic functionality: Unlimited Undo/Redo; Find; Replace; Visual History Save and Load; Patch Creation; Clipboard Operations; Bytes, Words, Double Words, Quad Words, Floats and Doubles Edit Mode. Hex Editor can be successfully used for: HexEdit usage areas:

IDA Pro Disassembler - multi-processor, windows hosted disassembler and debugger What is IDA all about? IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger that offers so many features it is hard to describe them all. Just grab an evaluation version if you want a test drive. An executive summary is provided for the non-technical user. Getting IDA IDA is available for many platforms, and can be licensed under different terms. Support & Community We have placed a sensible amount of support links and documentation online that can be valuable both to new, and advanced users. Additionally, our user board is a valuable source of hints and tips for the IDA Disassembler. Technical Documentation Intro to the IDA Debugger. Screenshots