From Collaborative RCE Tool Library


Binary Diff Tools


Tool name: radare
Rating: 5.0 (2 votes)
Author: pancake                        
Website: http://www.radare.org
Current version: 2.0.0
Last updated: October 10, 2017
Direct D/L link: http://bin.rada.re/radare2-w32-2.0.0.zip
License type: LGPL
Description: The radare project aims to provide a complete unix-like toolchain for working with binary files. It currently provides a set of tools to work with 6502, 8051, arc, arm64, avr, brainfuck, whitespace, malbolge, cr16, dcpu16, ebc, gameboy, h8300, tms320, nios2, x86, x86_64, mips, arm, snes, sparc, csr, m68k, powerpc, dalvik and java.

The main program is 'r2', a command-line hexadecimal editor with support for debugging, disassembling, analyzing structures, searching data, analyzing code and support for scripting with bindings for Python, NodeJS, Perl, Ruby, Go, PHP, Vala, Java, Lua, OCaml.

Radare comes with the Unix philosophy in mind. Each module, plugin and tool performs a specific task, and each command can be piped to another to extend its functionality. Also, it treats everything as a file: processes, sockets, files, debugger sessions, libraries, etc. Everything is mapped on a virtual address space that can be configured to map multiple files on it and segment it.

If you are interested or feel attracted by the project join us in the #radare channel at irc.freenode.net.

See website for more details.
Also listed in: .NET Disassemblers, Assemblers, Code Injection Tools, Debuggers, Disassemblers, Hex Editors, Java Disassembler Libraries, Linux Debuggers, Linux Disassemblers, Linux Tools, Memory Dumpers, Memory Patchers, Process Dumpers, Reverse Engineering Frameworks, Ring 3 Debuggers, String Finders, Symbol Retrievers, SysCall Monitoring Tools, Tracers



Tool name: WinHex
Rating: 4.5 (2 votes)
Author: Stefan Fleischmann                        
Website: http://www.x-ways.net/winhex
Current version: 15.6
Last updated: March 1, 2010
Direct D/L link: http://www.x-ways.net/winhex.zip
License type: Shareware
Description: WinHex is in its core a universal hexadecimal editor, particularly helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security. An advanced tool for everyday and emergency use: inspect and edit all kinds of files, recover deleted files or lost data from hard drives with corrupt file systems or from digital camera cards. Features include (depending on the license type):

* Disk editor for hard disks, floppy disks, CD-ROM & DVD, ZIP, Smart Media, Compact Flash, ...
* Native support for FAT, NTFS, Ext2/3, ReiserFS, Reiser4, UFS, CDFS, UDF
* Built-in interpretation of RAID systems and dynamic disks
* Various data recovery techniques
* RAM editor, providing access to physical RAM and other processes' virtual memory
* Data interpreter, knowing 20 data types
* Editing data structures using templates (e.g. to repair partition table/boot sector)
* Concatenating and splitting files, unifying and dividing odd and even bytes/words
* Analyzing and comparing files
* Particularly flexible search and replace functions
* Disk cloning (under DOS with X-Ways Replica)
* Drive images & backups (optionally compressed or split into 650 MB archives)
* Programming interface (API) and scripting
* 256-bit AES encryption, checksums, CRC32, hashes (MD5, SHA-1, ...)
* Erase (wipe) confidential files securely, hard drive cleansing to protect your privacy
* Import all clipboard formats, incl. ASCII hex values
* Convert between binary, hex ASCII, Intel Hex, and Motorola S
* Character sets: ANSI ASCII, IBM ASCII, EBCDIC, (Unicode)
* Instant window switching. Printing. Random-number generator.
* Supports files >4 GB. Very fast. Easy to use. Extensive online help.
Also listed in: Hex Editors, Memory Dumpers, Memory Patchers, Memory Search Tools



Tool name: Beyond Compare
Rating: 4.0 (1 vote)
Author: Scooter Software                        
Website: http://www.scootersoftware.com
Current version: 2.5.1
Last updated: August 30, 2007
Direct D/L link: N/A
License type: Shareware
Description: A very good text/code diffing tool. Also a good binary diffing tool if using the plugin for this from the author's website.
Also listed in: File System Diff Tools, Image Diff Tools, Text Diff Tools



Tool name: Androguard
Rating: 0.0 (0 votes)
Author: Anthony Desnos                        
Website: http://code.google.com/p/androguard/
Current version: 0.9
Last updated: September 25, 2011
Direct D/L link: http://androguard.googlecode.com/files/androguard-0.9.tar.gz
License type: LGPL
Description: Androguard (Android Guard) is primarily a tool written in full Python to play with:
- .class (JavaVM)
- .dex (DalvikVM)
- APK
- JAR
- Android's binary xml

Androguard has the following features:
- Map and manipulate (read/write) DEX/CLASS/APK/JAR files into full Python objects,
- Native support of DEX code in a C++ library,
- Access to the static analysis of your code (basic blocks, instructions, permissions (with database from http://www.android-permissions.org/) ...) and create your own static analysis tool,
- Check if an Android application is present in a database (malwares, goodwares?),
- Open source database of android malwares,
- Diffing of android applications,
- Measure the efficiency of obfuscators (proguard, ...),
- Determine if your application has been pirated (rip-off indicator),
- Risk indicator of malicious application,
- Reverse engineering of applications (goodwares, malwares),
- Transform Android's binary xml (like AndroidManifest.xml) into classic xml,
- Visualize your application into cytoscape (by using xgmml format), or PNG/DOT output,
- Patch JVM classes, add native library dependencies,
- Dump the jvm process to find classes into memory,
- ...
Also listed in: Android Tools, Disassembler Libraries, Disassemblers, Entropy Analyzers, Java Disassembler Libraries, Malware Analysis Tools



Tool name: Araxis Merge
Rating: 0.0 (0 votes)
Author: Araxis                        
Website: http://www.araxis.com/merge/
Current version:
Last updated: December 6, 2007
Direct D/L link: http://www.araxis.com/merge/Download.html
License type: Commercial, 30 day evaluation
Description: Merge is the visual file comparison (diff), merging and folder synchronization application from Araxis. Use it to compare and merge source code, web pages and other text files with native application performance. Compare images and binary files. Synchronize folders. Perform code reviews and audits. Work with source hierarchies containing thousands of files.

Features include:

- 3 way diff comparison (compare 3 files or data sets at the same time)
- ASCII, MBCS, UNICODE
- Binary and image (jpg, gif etc) comparison (very cool, can easily detect single changed pixels, e.g. in cases of steganography etc!)

Very powerful tool, useful for quickly diff'ing a directory structure of files to check for changes.
Also listed in: Text Diff Tools, Image Diff Tools



Tool name: ExamDiff Pro
Rating: 0.0 (0 votes)
Author: prestoSoft                        
Website: http://www.prestosoft.com/edp_examdiffpro.asp
Current version: 3.5.1.5
Last updated: May 26, 2007
Direct D/L link: http://www.prestosoft.com/download/edpro35_with_plug-ins.exe
License type: Commercial
Description: From the product's website:


ExamDiff Pro is a powerful yet intuitive and easy to use visual file and directory comparison tool for Windows 98/Me/NT/2000/XP/2003/Vista. It features unique functionality that distinguishes ExamDiff Pro from other comparison programs. If you've been frustrated with other comparison utilities, you will find that ExamDiff Pro offers a much more efficient and user-friendly way to compare files and folders.

Also listed in: Text Diff Tools



Tool name: Relyze
Rating: 0.0 (0 votes)
Author: Relyze Software Limited                        
Website: https://www.relyze.com
Current version: 1.1.0
Last updated: June 17, 2015
Direct D/L link: N/A
License type: Commercial
Description: Relyze is an interactive software analysis application that allows the disassembling and analysis of native x86 and x64 Windows software. It presents the results of the analysis using several different views.

* Overview - The overview presents general information about the file being analysed and includes such things as embedded file version metadata, file hash values as well as information about the analysis such as the duration and the amount of code and data analysed. An interactive entropy graph is displayed to visualize the file's data.

* Structure view - The Structure view displays the parsed file format of the executable file being analysed. An interactive hex viewer displays the raw bytes that compose the file format.

* Code view - The Code view displays the disassembly of the executable file's code. The disassembly is viewed through interactive graphs which represent the control flow of the disassembled functions. The user can navigate the code and annotate the results of the analysis by adding comments or renaming variables. Interactive reference graphs can be generated to visualize what code or data references other code or data.

* Diff view - The Diff view displays the results of performing a differential analysis against a second executable file in order to visually observe the changes between the two executables at a function level. A list of all equal, modified, removed and added functions will be displayed along with a split graph view, allowing the user to see a side by side comparison of two modified functions.

Relyze supports analyzing the Portable Executable (PE) file format for either the x86 or x64 architecture. It can load debug symbol information from PDB, embedded COFF and MAP files. Relyze offers plugin support through an embedded Ruby interpreter which exposes an API allowing a user to interact with the application and access the results of the analysis.
Also listed in: Disassemblers, Executable Diff Tools

