All Questions
Tagged with tools binary-analysis
18 questions
0 votes, 1 answer, 150 views
Asking for Reverse Engineering Tool Ideas
I'm currently studying cybersecurity and IoT and I'm interested in working on a development project in the realm of reverse engineering. My level is somewhere between beginner and intermediate, and I'...
2 votes, 2 answers, 2k views
UPX Unpacking tool
Firstly, thank you for your answer.
What is the best unpacking tool to use to unpack - UPX 0.89.6 - 1.02 / 1.05 - 1.24 ->[Overlay]? Could you please provide a link so I can obtain as such.
Thank ...
1 vote, 1 answer, 471 views
Binary diff + patching across versions
What are the current options for binary patching which works across different versions of the binary?
E.g. we created a binary patch for a specific version of a binary and want to apply that patch to ...
1 vote, 2 answers, 251 views
GUI disabled program functionality
Right now I'm performing analysis of a GUI based application and I'm trying to determine all of its available functionality.
Right now there's one button remaining labeled "Encrypt", which is greyed ...
5 votes, 1 answer, 198 views
Review a collection of executable binaries to determine similarity
I have a collection of different binaries I want to review for code similarity and classification, but I would rather not have to open each of them in IDA and manually review the code in 15 different ...
0 votes, 0 answers, 229 views
Tools for statistical analysis of binary streams
I'm in the process of decoding the semantics of an unknown binary stream. I've come to a point where I understand the overall structure: A tag byte, followed by a size field, and a blob of bytes of ...
3 votes, 2 answers, 73 views
Finding a particular call to an offset within a vtable using pattern matching
Let's say I have a very simple pattern I'm looking for. E.g. the following regex,
mov.*(eax|edx|ecx|esi|edi), \[(eax|edx|ecx|esi|edi)\+30h\]
Now, I'm also looking for references to this in which the ...
1 vote, 0 answers, 118 views
Record-replay tools for Windows?
Are there any user-mode record-replay tools for Windows that can capture native execution of a program so that it can be replayed deterministically later? Instructions, memory accesses, syscalls and ...
0 votes, 1 answer, 11k views
binwalk zlib data [closed]
I'm reversing firmware and I get some problems with it.
I used binwalk to reverse the firmware, but binwalk produced a different result than my friend's. My friend found some zlib data (see 1), but I ...
2 votes, 1 answer, 1k views
How to reverse engineer a database file format?
It is an accounting database whose database file format is proprietary data. But the problem is the database is highly unreliable, corruption goes unnoticed for years after which it becomes unbearably ...
0 votes, 2 answers, 243 views
How to find what code created some data?
I'd like to be able to point to a buffer in memory likely on the heap and have a tool tell me which part of the binary created the data in the file.
What tools can do that for me?
3 votes, 1 answer, 3k views
Check if binary was compiled with security checks (/GS)
I have to check a massive amount of binaries whether they were compiled with the /GS option. I assume a good indicator would be to check if they have a stack cookie or not. Do you know any tool that can ...
5 votes, 1 answer, 3k views
Find file signatures inside an unknown file
I have a .bin file I would like to analyse. Especially find images embedded in this firmware update.
binwalk couldn't find anything.
What other tools do you know to search for possible embedded files?
5 votes, 4 answers, 2k views
Is BinNavi available? If not, can I get the source from anywhere?
BinNavi is originally a Zynamics product. But, since the company has been bought by Google, it seems to be difficult to get the library.
I tried to look in the BinNavi manual in the installation ...
13 votes, 5 answers, 1k views
How do you store your data about a binary while performing analysis?
Since now, when I am analyzing a binary, I'm using a "pen and paper" method to locate the different location of the function, the different type of obfuscations, and all my discoveries. It is quite ...