Hooked on Mnemonics Worked for Me
msdocsviewer
Hello, I forgot to post a recent IDAPython plugin that I created for viewing Microsoft SDK documentation in IDA. Here is an example screens...
Function Trapper Keeper - An IDA Plugin For Function Notes
Function Trapper Keeper is an IDA plugin for writing and storing function notes in IDBs; it’s a middle ground between function comments and...
Recommended Resources for Learning Cryptography: RE Edition
A common question when first reverse engineering ransomware is “what is a good resource for learning cryptography?”. Having an understanding...
gopep (Go Lang Portable Executable Parser)
gopep (Go Lang Portable Executable Parser) is a project I have been working on for learning about Windows Portable Executables (PE) compiled i...
Updates
Hello, some real quick updates. I have released a new version of The Beginner's Guide to IDAPython. It has been rewritten to cover c...
A Primer on Cracking XOR Encoded Executables
A while back, Locky JS downloaders were downloading executable payloads encrypted with XOR. The infection chain consisted of a victim double ...
ObfStrReplacer & ExtractSubfile Snippets
ObfStrReplacer is a script that replaces obfuscated variable names with easier to read strings. Some obfuscation techniques rely on common...