MARE Cheatsheet
Analysis Cheatsheet
VMware Workstation Hosted hypervisor to set up virtual machines on a single physical host.
PE Sieve Detect injected processes, shellcode, hooks, and other in-memory patches.
Process Hacker Free tool to monitor system resources, debug software and detect malware.
Process Monitor Real-time monitoring tool for file system, registry and process/thread activity.
Rohitab API Monitor Free tool to monitor and control API calls made by applications and services.
FileActivityWatch Free tool to monitor read, write and delete operations of all files.
FolderChangesView Free tool to monitor a folder or disk drive for file and folder changes.
Burp Suite CE Web traffic inspection and security testing tool for web applications.
NetworkMiner Open-source network forensic analysis tool and passive network sniffer.
Proxifier Proxy any network application through SOCKS or HTTPS proxy and chains.
Immunity Debugger Debugger and disassembler with support for Python scripting.
Olly Phant0m plugin Plugin for concealment of OllyDbg from known anti-debugging techniques.
Radare2 Free toolchain for reverse engineering, exploiting, debugging and forensics.
Snowman Plugin and standalone decompiler for ELF, Mach-O, and PE files.
Static analysis
CFF Explorer PE editor with full support for the .NET file format.
ExeInfoPE View information about PE files, identify packers, scan file entropy.
LordPE View and manipulate PE files (headers, sections, imports, exports, etc).
PEiD Detect most common packers, cryptors and compilers for PE files.
PE Studio
Miscellaneous
DeskPins Very useful utility to make any application window stay always on top.
FirmwareTablesView Tool for Windows that displays firmware tables (ACPI, SMBIOS).
HxD Free and fast hex editor with support for raw disk editing and modifying RAM.
ProcessDump Process dumping tool with import reconstruction support for Windows 10.
VBinDiff Binary diff tool for Windows designed for large files.
WinGraph IDA and standalone utility to visualise graphs in textual GDL specification.
Yara Pattern matching Swiss knife for identifying and classifying malware.