From Collaborative RCE Tool Library
Binary Diff Tools
| Tool name: | Beyond Compare |
| ||
|---|---|---|---|---|
| Author: | Scooter Software | |||
| Website: | http://www.scootersoftware.com | |||
| Current version: | 2.5.1 | |||
| Last updated: | August 30, 2007 | |||
| Direct D/L link: | N/A | |||
| License type: | Shareware | |||
| Description: | A very good text/code diffing tool. Also a good binary diffing tool if using the plugin for this from the author's website. | |||
| Also listed in: | File System Diff Tools, Image Diff Tools, Text Diff Tools | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | WinHex |
| ||
|---|---|---|---|---|
| Author: | Stefan Fleischmann | |||
| Website: | http://www.x-ways.net/winhex | |||
| Current version: | 14.9 | |||
| Last updated: | April 17, 2008 | |||
| Direct D/L link: | http://www.x-ways.net/winhex.zip | |||
| License type: | Shareware | |||
| Description: | WinHex is in its core a universal hexadecimal editor, particularly helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security. An advanced tool for everyday and emergency use: inspect and edit all kinds of files, recover deleted files or lost data from hard drives with corrupt file systems or from digital camera cards. Features include (depending on the license type): * Disk editor for hard disks, floppy disks, CD-ROM & DVD, ZIP, Smart Media, Compact Flash, ... * Native support for FAT, NTFS, Ext2/3, ReiserFS, Reiser4, UFS, CDFS, UDF * Built-in interpretation of RAID systems and dynamic disks * Various data recovery techniques * RAM editor, providing access to physical RAM and other processes' virtual memory * Data interpreter, knowing 20 data types * Editing data structures using templates (e.g. to repair partition table/boot sector) * Concatenating and splitting files, unifying and dividing odd and even bytes/words * Analyzing and comparing files * Particularly flexible search and replace functions * Disk cloning (under DOS with X-Ways Replica) * Drive images & backups (optionally compressed or split into 650 MB archives) * Programming interface (API) and scripting * 256-bit AES encryption, checksums, CRC32, hashes (MD5, SHA-1, ...) * Erase (wipe) confidential files securely, hard drive cleansing to protect your privacy * Import all clipboard formats, incl. ASCII hex values * Convert between binary, hex ASCII, Intel Hex, and Motorola S * Character sets: ANSI ASCII, IBM ASCII, EBCDIC, (Unicode) * Instant window switching. Printing. Random-number generator. * Supports files >4 GB. Very fast. Easy to use. Extensive online help. | |||
| Also listed in: | Hex Editors, Memory Dumpers, Memory Patchers, Memory Search Tools | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Araxis Merge |
| ||
|---|---|---|---|---|
| Author: | Araxis | |||
| Website: | http://www.araxis.com/merge/ | |||
| Current version: | ||||
| Last updated: | December 6, 2007 | |||
| Direct D/L link: | http://www.araxis.com/merge/Download.html | |||
| License type: | Commercial, 30 day evaluation | |||
| Description: | Merge is the visual file comparison (diff), merging and folder synchronization application from Araxis. Use it to compare and merge source code, web pages and other text files with native application performance. Compare images and binary files. Synchronize folders. Perform code reviews and audits. Work with source hierarchies containing thousands of files. Features include: - 3 way diff comparison (compare 3 files or data sets at the same time) - ASCII, MBCS, UNICODE - Binary and image (jpg, gif etc) comparison (very cool, can easily detect single changed pixels, e.g. in cases of steganography etc!) Very powerful tool, useful for quickly diff'ing a directory structure of files to check for changes. | |||
| Also listed in: | Text Diff Tools, Image Diff Tools | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | ExamDiff Pro |
| ||
|---|---|---|---|---|
| Author: | prestoSoft | |||
| Website: | http://www.prestosoft.com/edp_examdiffpro.asp | |||
| Current version: | 3.5.1.5 | |||
| Last updated: | May 26, 2007 | |||
| Direct D/L link: | http://www.prestosoft.com/download/edpro35_with_plug-ins.exe | |||
| License type: | Commercial | |||
| Description: | From the product's website:
| |||
| Also listed in: | Text Diff Tools | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | radare |
| ||
|---|---|---|---|---|
| Author: | pancake | |||
| Website: | http://radare.nopcode.org | |||
| Current version: | 0.9.3 | |||
| Last updated: | February 19, 2008 | |||
| Direct D/L link: | http://radare.nopcode.org/get/radare-0.9.3.tar.gz | |||
| License type: | GPL | |||
| Description: | The radare project aims to provide a complete unix-like toolchain for working with binary files. It currently provides a set of tools to work with x86, arm and java with some ones powerpc. The core is a raw hexadecimal editor for commandline with scripting features and perl/python extensions that gets extended with IO plugins that hooks the open/read/write/close/system calls. The debugger and disassembler has a code analysis module for x86, arm and java. This way it's possible to draw graphs using Cairo on a GTK window or store the flow execution of a program on a log file and use the information to diff't against another trace or binary. The toolchain provides assemblers and disasemblers for x86, arm and java. The disassembler has been enhaced to handle inline comments, code block detections and flag references (data pointers or so). The debugger currently works on linux,*bsd x86-32 but it has initial support for x86-64 and linux-ARM, and w32 support is in mind too. But there are IO plugins for debugging windows and DOS applications via wine and dosemu. Initial gxemul support gives us the possibility to also debug ARM, MIPS, SPARC, .. binaries. There are some internal commands to handle memory maps, mount a syscall proxy, inject code, patch data, dump user data sections, step-back, syscall tracing, hardware DRx register manipulation, conditional watchpoints with expressions, signalling manipulation, syscall injection and very early threading support.. Data structures can be parsed with hand-written C programs called as extensions from radare. So the hexadecimal editor comes with a set of views for different bases and print formats like URL-encoding, binary, octal, shellcode, C string-like, which is really useful for developing shellcodes. There's a minimal GUI frontend written in C that interacts directly with an VTE running radare. But I plan to write a new native frontend written in Vala. Current development plugins are: * ewf: EnCase (R) forensic disk images * winedbg: WineDebugger interface ( winedbg://./program.exe ) * haret: Remotely read WindowsCE memory ( haret://host:port ) * ptrace: Debugs or attach to a process ( dbg://file or pid://PID ) * sysproxy: Connects to a remote syscallproxy server * remote: TCP IO ( listen://:port or connect://host:port ) * gdb: Debugs or attach to a process using gdb (gdb://file, gdb://PID, gdb://host:port) * w32: posix to native w32 api io * posix: plain posix file access The tools provided around the core are: * radare: command line hexadecimal editor with IO plugin extensions * rabin: get info from ELF/MZ/PE/CLASS files * rasc: shellcode generator and tester (outputs in raw, hexpairs or C) * bindiff: binary diffing utilities for raw files, binaries, data blocks, etc * xrefs: find crossed references on raw images for ppc, arm and x86 * hasher: calculate different algorithms over data blocks of a file or stream * rsc: command line helpers written in shellscript or perl * javasm: minimalistic java assembler/disassembler/classdumper * armasm: minimalistic arm assembler * xc: converts between multiple radix numeric bases FMI see the mailing list Have fun! | |||
| Also listed in: | Assemblers, Code Injection Tools, Disassemblers, Hex Editors, Java Disassembler Libraries, Linux Debuggers, Linux Disassemblers, Linux Tools, Memory Dumpers, Memory Patchers, Process Dumpers, Reverse Engineering Frameworks, Ring 3 Debuggers, String Finders, Symbol Retrievers, SysCall Monitoring Tools, Tracers | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
Feed containing all updates and additions for this category.
Feed containing all updates and additions for this category, including sub-categories.
