Small unpacker for MPRESS-packed x64 images. Seems to be the first public unpacker for x64 images...
This code lets you break at the entry point of a .dll for easier debugging. Useful only for SoftICE users or for writing unpackers. The DLL is loaded in one of two ways, manually or via LoadLibraryEx, depending on the options selected on the command line.
Generic Unpacker is an unpacker for some simple packers. It uses a modified (added MP support) Dream Of Every Reverser Engine to trace execution of the target. Source is included, as this is a "How to make an unpacker" example.
TheMida Spy gives you the ability to break in the kernel32 and advapi32 DLLs during TheMida layer execution.
Demonstrates a novel attack for hooking DLLs. Basically, the old DLL is replaced in the PEB with a new DLL in such a way that whenever GetModuleHandleA/W, LoadLibraryA/W, etc. is called, the caller gets a handle to my DLL, and then I can log or fake data when an API is called from my .dll.
Code to execute your target from the context of explorer.exe. I'm not a guy who likes GUIs much and I do almost all of my work in the console, so when some crackme from www.crackmes.de wants to be started by clicking on it, I use this code.
Locates the OEP of a Debugblocker-protected application. During tracing, a patch is applied to the arma code so you can fix imports without a problem. On the other hand, there is also the CopyMemII dumper, code which applies a patch to imports and dumps a CopyMem-protected application in a matter of seconds.
Once the application is dumped, you may use this code to fix SVKP imports very fast.
OepFinder is code which I developed in some free time for the fun of it. Later I used it in my tut about ExeCryptor; now I don't use it anymore. The trick with this code is to set PAGE_GUARD on a certain range and monitor when EIP is in the range. It is probably the first code to use stealth debugging, also known as a nonintrusive tracer.
This code was used during Themida 1.0.0.5 unpacking, and also for TheHyper Unpackme #2.
Due to the logic of almost all of my dumps, none of the existing import reconstruction engines was good, so I wrote my own, which does exactly what I want.