From Collaborative RCE Tool Library
Memory Data Tracing Tools
| Tool name: | Memory Hacking Software |
| ||
|---|---|---|---|---|
| Author: | L. Spiro | |||
| Website: | http://www.memoryhacking.com | |||
| Current version: | 4.017 | |||
| Last updated: | April 24, 2008 | |||
| Direct D/L link: | http://mhs.mpcforum.com/MHS4.017.rar | |||
| License type: | Free | |||
| Description: | Highly advanced software for memory search/analysis and trainer creation. Recommended! MHS 4.017 (bundle): Bundle includes MHS.exe, zlib1.dll, MHS Help.chm, and ChangeLog.txt. | |||
| Also listed in: | Memory Search Tools, Trainer Generators | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Cheat 'O Matic |
| ||
|---|---|---|---|---|
| Author: | Nick Shaffner | |||
| Website: | http://www.geocities.com/TimesSquare/Dungeon/5633 | |||
| Current version: | 0.99a | |||
| Last updated: | 1997 | |||
| Direct D/L link: | http://bunnzy.oldgamemusic.com/files/extras/apps/cheatomatic099.zip | |||
| License type: | Freeware | |||
| Description: | Cheat 'O Matic is an EXTREMELY easy to use UNIVERSAL cheating program designed to allow you to automatically cheat on ANY game (or other program) that will run on Windows '95, '98 and 'NT (including DOS, Windows 3.1, Windows '95, Windows '98 and Windows 'NT games) - as the game actually runs! Additionally, Cheat 'O Matic allows you to cheat on programs that don't have cheat codes, or in completely different ways that cheat codes may not exist for, and perhaps the game's programmers never intended | |||
| Also listed in: | Memory Search Tools | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Flayer |
| ||
|---|---|---|---|---|
| Author: | Will Drewry & Tavis Ormandy | |||
| Website: | http://code.google.com/p/flayer | |||
| Current version: | 0.0.1 | |||
| Last updated: | August 9, 2007 | |||
| Direct D/L link: | N/A | |||
| License type: | Free / Open Source | |||
| Description: | Flayer is a tool for dynamically exposing application innards for security testing and analysis. It is implemented on the dynamic binary instrumentation framework Valgrind and its memory error detection plug-in, Memcheck . This paper focuses on the implementation of Flayer, its supporting libraries, and their application to software security. Flayer provides tainted, or marked, data flow analysis and instrumentation mechanisms for arbitrarily altering that flow. Flayer improves upon prior taint tracing tools with bit-precision. Taint propagation calculations are performed for each value-creating memory or register operation. These calculations are embedded in the target application's running code using dynamic instrumentation. The same technique has been employed to allow the user to control the outcome of conditional jumps and step over function calls. Flayer's functionality provides a robust foundation for the implementation of security tools and techniques. For example, an effective fault injection testing technique and an automation library, LibFlayer. Alongside these contributions, it explores techniques for vulnerability patch analysis and guided source code auditing. Flayer finds errors in real software. In the past year, its use has yielded the expedient discovery of flaws in security critical software including OpenSSH and OpenSSL. See full paper at: http://www.usenix.org/events/woot07/tech/full_papers/drewry/drewry_html And getting-started information at: http://code.google.com/p/flayer/wiki/GettingStarted | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | HBGary Inspector |
| ||
|---|---|---|---|---|
| Author: | HBGary | |||
| Website: | http://www.hbgary.com/inspector_v2.shtml | |||
| Current version: | 2.0 | |||
| Last updated: | ||||
| Direct D/L link: | N/A | |||
| License type: | Commercial | |||
| Description: | HBGary Inspector speeds team reverse engineering of software binaries. Inspector integrates dynamic runtime tracing with dataflow and static code analysis. Captured test data is recorded in a team-member shared database for further analysis with automated scripts and interactive graphing. Packed, obfuscated, and self-modifying malware binaries resist static disassembly. Anti-debugging tricks hinder runtime analysis. However, malware must unpack and de-obfuscate itself to execute. Inspector defeats many anti-debugging tricks and recovers true program instructions and live memory evidence as malware operates. Dynamic analysis provides accurate information about malware behavior. HBGary Inspector can trace data buffers and packets as they propagate in memory, saving countless hours and days of work for the Reverse Engineer. Complex control flow paths are mapped with interactive navigation graphs. Runtime code coverage is indicated and measured. Inspector is extensible with an exposed application program interface (API) and a powerful scripting system for analysis automation. | |||
| Also listed in: | Tracers, Code Coverage Tools | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | LordCHEAT |
| ||
|---|---|---|---|---|
| Author: | Rudy Rooroh | |||
| Website: | http://www.geocities.com/asmfreesoft | |||
| Current version: | 1.2.4 | |||
| Last updated: | April 9, 2008 | |||
| Direct D/L link: | http://www.geocities.com/asmfreesoft/LordCHEAT124.zip | |||
| License type: | Freeware | |||
| Description: | - Small & Powerfull Game Trainer - Save & Load memory using simple script - Read/Write memory using Hex Editor - Support 16/32 bit Windows games, macromedia flash games, *emulator, etc - Support Pointer to Pointer - Support Plugins - Memory monitor - Can run under windows 98 up to *Vista - etc. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | SpiderPig |
| ||
|---|---|---|---|---|
| Author: | Piotr Bania | |||
| Website: | http://blog.piotrbania.com/search/label/spiderpig | |||
| Current version: | (not yet released) | |||
| Last updated: | ||||
| Direct D/L link: | N/A | |||
| License type: | Free | |||
| Description: | Main idea of SpiderPig is to trace a specified memory region (or specified register value), and also be able to trace all the childs regions that were created by refferencing to previously traced regions. So whenever a previously traced memory region will be refferenced or any other memory region which bases on previously traced memory region will be created, SpiderPig will snort it. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
Feed containing all updates and additions for this category.
Feed containing all updates and additions for this category, including sub-categories.
