A forum for reverse engineering, OS internals and malware analysis 

Search found 3 matches

 Go to advanced search

Re: diffing binaries without IDA

 by ctrl^break ¦  Tue Mar 28, 2017 3:41 pm ¦  Forum: Reverse Engineering and Debugging ¦  Topic: diffing binaries without IDA ¦  Replies: 5 ¦  Views: 24771

One very powerful differ is Diaphora by Joxean Koret. Diaphora provides great speed and better results than the regular tools. This tool relies on IDA Pro (it's an IDA Python script) so I'd say is 'with IDA'. You can download the tool from here: http://diaphora.re/ For the non-IDA options, you can u...

Re: Good resource for learning how to debug & reverse engine

 by ctrl^break ¦  Tue Mar 28, 2017 4:33 am ¦  Forum: Reverse Engineering and Debugging ¦  Topic: Good resource for learning how to debug & reverse engineer? ¦  Replies: 16 ¦  Views: 97817

This is a Malware Analysis training developed by the students from the Rensselaer Polytechnic Institute (https://rpis.ec).

Here the link to download the materials and labs:




Re: how to dump the memory of a user-mode application?

 by ctrl^break ¦  Mon Mar 27, 2017 9:56 pm ¦  Forum: Reverse Engineering and Debugging ¦  Topic: how to dump the memory of a user-mode application? ¦  Replies: 2 ¦  Views: 16650

Hi, The first thing about working with memory dumps is basically asking to yourself how much experience do you have working with WinDBG. Fortunately, WinDBG is not the only option to work with it, but for sure is the more advanced one with a huge learning curve for the more adventurous ones. :twiste...