We have covered the main tools, but reverse engineering also needs packer identifiers, network monitors, hex editors and many other utilities. This is a great packer identifier with a large number of useful functions. For example, it allows you to view file section entropy, which facilitates visual identification of encryption.
It also has a resource viewer with a dump-to-disk feature. DiE enables you to easily access the import table and add plugins and scripts, configure signature scanning methods and view file headers. There is only one problem with this program: a slow update cycle, although it has not been abandoned.
In fact, a new version was released recently! Cracking a custom packer based on GlobeImposter 2. This is another packer and protector detector. On the other hand, the program is frequently updated, offers numerous interesting functions and user-friendly tips for unpacking. Overall, I would recommend it to beginners.
ExeInfoPE has a number of automatic unpackers and will tell you which tool to use to crack a bolt-on protection system. Of course, the program also offers the full set of standard features including a file header viewer, section viewer, hex viewer and even a number of built-in mini-utilities like TerminateProcess and more.
ExeInfoPE also supports plugins. Sometimes you may need to access HDD, memory or applications in binary mode. This is where hex editors come in handy, as exemplified by HxD. This program is free and frequently updated, supports popular formats, is good for searching and offers a user-friendly UI. There are other well-executed features, such as the ability to remotely erase zerofill files. There is also a portable version for easy storage on a flash drive. This hex editor has a long history, but it is still supported by its devs.
The Norton Commander-like interface might scare off a younger crowd, but it is easy to get used to. A useful program for malware analysis.
It also enables you to work with resources. In other words, this is a versatile antivirus tool for initial sample analysis. If you want to, you can view sections in hex mode and disassemble them into regular assembler mnemonics. PE-bear has a user-friendly UI and file-comparing utility. So, if you find a bug, you can fix it yourself. This program emulates working with a network.
When studying malware samples, you often need to see all their Internet activities: monitor DNS and HTTP queries, sniff traffic and identify IP addresses of the controlling servers for example, if you are dealing with a ransomware bot.
Fakenet-NG is fully supported with frequent updates, so this utility can be used in the latest operating sytems. It would be hard to perform reverse engineering without programs from Sysinternals that monitor how applications access the filesystem and processes.
ProcessExplorer shows all processes in a hierarchical tree view, so you can easily see their spawning order. You can also see which dynamic libraries they use, as well as their priority, digital signatures, processor usage and much more. A handy utility for monitoring registry changes. RegShot takes snapshots of the registry before and after you do some system or software changes.
You can see which ports it accesses both local and remote , together with protocols, process identifiers and transmitted packet counters. Overall, this is one of the most useful tools for any hacker! A popular program for editing resources, including manifests, icons, text dialog lines, cursor info and much more. We have covered the main utilities used for most reverse engineering tasks. I think this should be enough for a beginner.
Your own list will grow as you progress. Many reverse engineers end up writing their own targeted programs, plugins and scripts. If you know similar software or want to share links to other useful tools, please do so in the comments! Finalmente, puedes usar el IRC. Existen los canales como Cracks, Crackz y Serials, cuales ofrecen cracks a traves de bots que se quedan en el canal. Siempre ten precauciones al bajar un crack.
Por eso siempre recomiendo que le des un SCAN con un antivirus a un archivo cual supuestamente es un Crack. Se que es dificil determinar si el supuesto crack es un virus o no y este es el riesgo de los Cracks.
Normalmente cuando descargas un crack existe un archivo. Si un programa te pide una licensia o numero de seria, copias y pegas el serial encontrado y debe de registrarte el programa. Los serials son codigos de numeros, letras o otros caracteres.
Haces doble click en el archivo. Obviamente tienen que instalar el programa primero y despues usar el Crack. Este crack viene en forma de archivo. DLL y trabaja cuando copias el archivo a un directorio especifico. Este crack viene en forma de un programa normal. El patch lo que hace es que modifica al programa directamente y elimina todos los limites. El keygenerator genera licensias o serials.
EL keygenerator puede generarte licensias nuevas.
0コメント