27-03-2016
Added switch which demonstrates switching from AArch32 to AArch64 and back. Code is hosted at github. Detailed writeup is here
06-04-2015
Added Control Flow Guard instrumentation example
13-01-2014
Added lldbinit.py so lldb will look nicer. Code is hosted at github
04-06-2013
Added small writeup (description) of DT_GNU_HASH
30-05-2013
Added elf32mod IDA loader plugin to properly load ELF files without Section Header
09-05-2013
Updated pinlog for latest PinTool, and also added support for Mac
11-03-2013
Added itracer binary instrumentation tool which I've used in Dealing with funny checksum tutorial
02-02-2013
Added color eip redirection IDA python script to mark jmp/jcc/call/ret inside of a function with different colors
31-01-2013
Added timestop tool to freeze time when application calls GetTickCount by means of PDE/PTE modification of KUSER_SHARED_DATA for a given process
15-11-2012
Added pinlog tool to trace execution via Pin, and to show flow of execution by importing log into IDA
27-02-2012
Added ImmSoftice Plugin Immunity Debugger Plugin which allows Immunity Debugger to use SoftICE key mapping
23-11-2011
Added dotnet dumper tool to list all tables from .NET binary
03-09-2011
Added rsrcExtractor IDA plugin to extract resources from loaded file
26-02-2011
Added DisableFormat tool to prevent explorer.exe from popping up "You need to format the disk in drive blabla" whenever you insert encrypted USB dongle
04-02-2011
Added Unpacker Template which uses tracer.sys (custom debug engine) to unpack some simple packers
04-02-2011
Added DbgViewPatch to solve small issue which causes system to hang when application which uses OutputDebugStringA/W dies before setting DBWIN_DATA_READY event
30-01-2011
Added tracer or Writing tracer without using Windows Debug API old tool, developed back in 2007
27-01-2011
Added DynAslrInstaller tool to enable ASLR system wide for non-ASLR dlls
21-01-2011
Added win32kf tool to dump Shadow Service Table from win32k. Supports x32 and x64 Windows
12-12-2010
Added xchat_sasl plugin to enable connection to FreeNode via Tor
14-8-2009
Added imp64 tool to dump and fix imports in x64 targets
27-5-2009
Added remMpress64 source which was released a long time ago
26-5-2009
Added xTracer program which allows fast OEP tracing. This program is also available as ARTeam release and is released under GPL 3.0
26-5-2009
Added sdumper SoftICE extension to dump memory from SoftICE
26-5-2009
Added WinInfo small progy to display information about window
23-1-2009
Added Drive List to list all PhysicalDrives on your computer
4-1-2009
Added bootiso which displays my avatar and boots your system
21-9-2008
Added Export Log to demonstrate how to spy custom GetProcAddress
19-7-2008
Added SymbolFinder to list all enums, structs, and symbols from ntoskrnl.exe
8-7-2008
Added pdepte SoftICE plugin
23-6-2008
ReAllocate Resources updated to support Vista
17-6-2008
Added remMpress64 - unpacker for mpress x64 packed images
20-5-2008
Yes, I'm alive!!!! Added cpuid break driver and loader in ring0 section
8-02-2008
drX emulation for single/multi cpu systems added in ring0 section
7-11-2007
Added two new songs in music section
27-8-2007
Added Dll Break and Enter
22-8-2007
Fixed one small error in GenericUnpacker dumping code
22-8-2007
Added modified version of FakeRdtsc driver. Also, the PoC code contained inside the archive can be used to detect the presence of VMWare. I have to thank Archer (author of QuickUnpack) for letting me know about this weird behaviour of VMWare. Hope they will fix it soon :)
21-8-2007
Added msrs driver code
6-8-2007
Dream Of Every Reverser source uploaded (public version)
1-8-2007
Undocumented Windows 2000 Secrets is released as e-book by its author: http://www.rawol.com/?topic=77
29-7-2007
Added Generic Unpacker
7-7-2007
Added TheMida Spy utility
4-7-2007
Added Anti-SecuROM SoftICE Plugin
28-5-2007
Added Ultimate Hooking Engine, check engines section
11-5-2007
Finally I've decided to update my web site, so here it is. Some new stuff has been added to it, but the most important is Dream Of Every Reverser memory tracing engine.