Programming Libraries

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

More details:

Tool name:

BCEL

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

The Apache Jakarta Project

Website:

http://jakarta.apache.org/bcel

Current version:

5.2

Last updated:

June 6, 2006

Direct D/L link:

N/A

License type:

Free / Open Source

Description:

The Byte Code Engineering Library is intended to give users a convenient possibility to analyze, create, and manipulate (binary) Java class files (those ending with .class). Classes are represented by objects which contain all the symbolic information of the given class: methods, fields and byte code instructions, in particular.

Such objects can be read from an existing file, be transformed by a program (e.g. a class loader at run-time) and dumped to a file again. An even more interesting application is the creation of classes from scratch at run-time. The Byte Code Engineering Library (BCEL) may be also useful if you want to learn about the Java Virtual Machine (JVM) and the format of Java .class files.

BCEL contains a byte code verifier named JustIce, which usually gives you much better information about what's wrong with your code than the standard JVM message.

BCEL is already being used successfully in several projects such as compilers, optimizers, obsfuscators, code generators and analysis tools. Unfortunately there hasn't been much development going on over the past few years.

Also listed in:

Java Disassembler Libraries

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

bzip2

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Julian Seward

Website:

http://www.bzip.org

Current version:

1.0.4

Last updated:

December 20, 2006

Direct D/L link:

N/A

License type:

Free / Open Source

Description:

bzip2 is a freely available, patent free (see below), high-quality data compressor. It typically compresses files to within 10% to 15% of the best available techniques (the PPM family of statistical compressors), whilst being around twice as fast at compression and six times faster at decompression.

The current version is 1.0.4, released 20 December 2006.

Why would I want to use it?

* Because it compresses well. So it packs more stuff into your overfull disk drives, distribution CDs, backup tapes, Zip disks, etc. And/or it reduces your phone bills, customer download times, long distance network traffic, etc. It's not the world's fastest compressor, but it's still fast enough to be very useful.

* Because it's open-source (BSD-style license), and, as far as I know, patent-free. (To the best of my knowledge. I can't afford to do a full patent search, so I can't guarantee this. Caveat emptor). So you can use it for whatever you like. Naturally, the source code is part of the distribution.

* Because it supports (limited) recovery from media errors. If you are trying to restore compressed data from a backup tape or disk, and that data contains some errors, bzip2 may still be able to decompress those parts of the file which are undamaged.

* Because you already know how to use it. bzip2's command line flags are similar to those of GNU Gzip, so if you know how to use gzip, you know how to use bzip2.

* Because it's very portable. It should run on any 32 or 64-bit machine with an ANSI C compiler. The distribution should compile unmodified on Unix and Win32 systems. Earlier versions have been ported with little difficulty to a large number of weird and wonderful systems.

* Because (by now, late 2006) everybody else uses it too.

The code is organised as a library with a programming interface. The bzip2 program itself is a client of the library. You can use the library in your own programs, to directly read and write .bz2 files, or even just to compress data in memory using the bzip2 algorithms.

Also listed in:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

More details:

Tool name:

cryptlib

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Peter Gutmann (yeah, that lunatic)

Website:

http://www.cs.auckland.ac.nz/~pgut001/cryptlib/

Current version:

3.3.1

Last updated:

recent snapshots always available

Direct D/L link:

http://www.cypherpunks.to/~peter/cl331.zip

License type:

"GPL-compatible license", A.K.A. "Sleepycat license"...

Description:

Besides very, very diverse and creative name, cryptlib comes with 400+ pages manual (...), and really fast implementations of common crypto primitives.

Also listed in:

Crypto Libraries

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Crypto++

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Wei Dai

Website:

http://www.cryptopp.com

Current version:

5.5.2

Last updated:

September 24, 2007

Direct D/L link:

http://www.cryptopp.com/cryptopp552.zip

License type:

Public Domain (!)

Description:

Cross platform library with usual crypto primitives: Hashing algos, asymmetric and symmetric algorithms, MAC's and support for elliptic curve cryptography.

Also listed in:

Crypto Libraries

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

diStorm64 x86-64 Disasm Lib

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Gil Dabah & Co.

Website:

http://www.ragestorm.net/distorm

Current version:

1.7.27

Last updated:

December 10, 2007

Direct D/L link:

http://www.ragestorm.net/distorm/dl.php?id=11

License type:

BSD license

Description:

Cross platform x86, x64, MMX, SSE, SSE2, SSE3, SSE4 and soon SSE5 support with open opcode database support (tools available, carefully examine the whole page, you're looking for disops.zip, at the moment available at http://www.ragestorm.net/distorm/dl.php?id=13)

'nough said.

Also listed in:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

More details:

Tool name:

DisasMSIL

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Daniel Pistelli

Website:

http://ntcore.com/Files/disasmsil.htm

Current version:

1.0

Last updated:

April 30, 2008

Direct D/L link:

http://ntcore.com/Files/disasmsil/DisasMSIL.zip

License type:

Free / Open source

Description:

DisasMSIL is a free/open disasm engine for the Microsoft Intermediate Language (MSIL). You can use it any context you wish. There are no license restrictions. The only thing I ask you to do is to send me your bug fixes (if any).

Note: Don't rely on the ECMA specification (Partition III: Common Language Infrastructure), since it's incomplete. Some new opcodes were introduced with the .NET Framework 2.0.

Also listed in:

.NET Disassembler Libraries

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Disasm32

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Russell Libby

Website:

http://users.adelphia.net/~rllibby/source.html

Current version:

Last updated:

March 1, 2004

Direct D/L link:

License type:

Free / Open Source

Description:

Delphi Disassembler Conversion of libdisasm 2.0. This is a Delphi conversion of the libdisasm project. The source code provides basic disassembly of Intel x86 instructions from a binary stream. The intent is to provide an easy to use disassembler class which can be called to disassemble instructions from memory. Disassembled information is in Intel syntax, as well as in an intermediate format which includes detailed instruction and operand type information.

Also listed in:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

More details:

Tool name:

Fixed OllyDbg Disasm DLL

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

CondZero

Website:

http://arteam.accessroot.com/releases.html

Current version:

1.10

Last updated:

April 9, 2008

Direct D/L link:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

License type:

Free

Description:

An improved and fixed version of the already known disasm library (released by Oleh, Olly's author and part of the Olly's disasm engine). A little tool might help for your tools.

This package includes source code of 32-bit Disassembler and 32-bit single line Assembler for 80x86-compatible processors. The source is a slightly stripped/modified version of code used in OllyDbg v1.10 and is well proven by its numerous users.

The disasm.dll has been built using VS2005 VC 8.0 (special note: I had to make a couple modifications for errors during compilation in the source).

To include in your program, make sure the disasm.lib file is in your project folder and the resultant disasm.dll in your executable folder. Be sure to add this to your source code:
#pragma hdrstop
#include "disasm.h"

Also listed in:

Disassembler Libraries

More details:

Tool name:

GNU Multiple Precision Arithmetic Library (GMP)

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Free Software Foundation

Website:

http://gmplib.org

Current version:

4.2.2

Last updated:

September 11, 2007

Direct D/L link:

http://ftp.sunet.se/pub/gnu/gmp/gmp-4.2.2.tar.gz

License type:

Free / Open Source

Description:

GMP is a free library for arbitrary precision arithmetic, operating on signed integers, rational numbers, and floating point numbers. There is no practical limit to the precision except the ones implied by the available memory in the machine GMP runs on. GMP has a rich set of functions, and the functions have a regular interface.

The main target applications for GMP are cryptography applications and research, Internet security applications, algebra systems, computational algebra research, etc.

GMP is carefully designed to be as fast as possible, both for small operands and for huge operands. The speed is achieved by using fullwords as the basic arithmetic type, by using fast algorithms, with highly optimized assembly code for the most common inner loops for a lot of CPUs, and by a general emphasis on speed.

GMP is faster than any other bignum library. The advantage for GMP increases with the operand sizes for many operations, since GMP uses asymptotically faster algorithms.

The first GMP release was made in 1991. It is continually developed and maintained, with a new release about once a year.

Also listed in:

BigNum Libraries

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Hacker Disassembler Engine (HDE)

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Veacheslav Patkov

Website:

N/A

Current version:

0.09

Last updated:

October 26, 2007

Direct D/L link:

License type:

Free

Description:

This is small disassembler engine intended to x86-32 code analyse. HDE get length of command, prefixes, ModR/M and SIB bytes, opcode, immediate value, displacement, etc. For example, you can use HDE when writing unpackers, decryptors, viruses of executable files. HDE package include compiled object files in difference formats, header files and assembler source.

* Supports FPU, MMX, SSE, SSE2, SSE3, 3DNow! instructions
* High speed and small size (660 bytes)
* Position and OS independent code
* Compatibility with a most coding languages

Also listed in:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

More details:

Tool name:

libarchive

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

kientzle@freebsd.org

Website:

http://people.freebsd.org/~kientzle/libarchive

Current version:

2.4.11

Last updated:

December 30, 2007

Direct D/L link:

N/A

License type:

Free / Open Source

Description:

Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives. The bsdtar program is an implementation of tar(1) that is built on top of libarchive. It started as a test harness, but has grown into a feature-competitive replacement for GNU tar. The bsdcpio program is an implementation of cpio(1) that is built on top of libarchive.

The libarchive library offers a number of features that make it both very flexible and very powerful.

* Automatic format detection: libarchive can automatically determine both the compression and the archive format, regardless of the data source. (GNU tar and star only do full format detection when reading from a file, for instance. Gunnar Ritter's heirloom tar also does full automatic format detection.)

* Reads popular formats: libarchive can read GNU tar, ustar, pax interchange format, cpio, zip, and ISO9660 formats. The internal architecture is easily extensible. The only requirement for read support is that all metadata for a file must precede the file data itself within the archive.

* Writes popular formats: libarchive can write ustar, pax interchange format, cpio, and shar formats. The internal architecture is easily extensible. The only requirement for write support is that all metadata for a file must follow the preceding file's data within the archive. (Yes, there are formats that libarchive can write but not read and vice versa.)

* Reads and writes POSIX formats: libarchive reads and writes POSIX-standard formats, including "ustar," "pax interchange format," and the POSIX "cpio" format.

* Supports pax interchange format: Pax interchange format (which, despite the name, is really an extended tar format) eliminates almost all limitations of historic tar formats and provides a standard method for incorporating vendor-specific extensions. libarchive exploits this extension mechanism to support ACLs and file flags, for example. (Joerg Schilling's star archiver and recent versions of GNU tar also support pax interchange format.)

* High-Level API: the libarchive API makes it fairly simple to build an archive from a list of filenames or to extract the entries from an archive. However, the API also provides extreme flexibility with regards to data sources. For example, there are generic hooks that allow you to write an archive to a socket or read data from an archive entry into a memory buffer.

* Modular: The library design carefully minimizes link pollution. If you only need read support for a single format, for example, you will only get the required code. This minimizes the size of statically-linked executables. (In particular, zlib or libbz2 are only required if you specifically request gzip or bzip2 support.)

* Extensible: The internal design uses generic interfaces for compression, archive format detection and decoding, and archive data I/O. It should be very easy to add new formats, new compression methods, or new ways of reading/writing archives.

* Featureful: Libarchive handles ACLs, file flags, extended attributes, international characters, large files, long pathnames, and many other features. Details vary depending on the particular format, of course.

* Fast: Libarchive minimizes data copying when handling archive files and contains carefully-tuned code for recreating objects on disk.

Also listed in:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

More details:

Tool name:

libdisasm

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

mammon_, ReZiDeNt, The Grugq, MO_K, a_p, fbj

Website:

http://bastard.sourceforge.net/libdisasm.html

Current version:

0.23

Last updated:

January 16, 2008

Direct D/L link:

License type:

Free / Open Source

Description:

x86 Disassembler Library

The libdisasm library provides basic disassembly of Intel x86 instructions from a binary stream. The intent is to provide an easy to use disassembler which can be called from any application; the disassembly can be produced in AT&T syntax and Intel syntax, as well as in an intermediate format which includes detailed instruction and operand type information.

This disassembler is derived from libi386.so in the bastard project; as such it is x86 specific and will not be expanded to include other CPU architectures. Releases for libdisasm are generated automatically alongside releases of the bastard; it is not a standalone project, though it is a standalone library.

The recent spate of objdump output analyzers has proven that many of the people [not necessarily programmers] interested in writing disassemblers have little knowledge of, or interest in, C programming; as a result, these "disassemblers" have been written in Perl. In order to address this audience, a HOWTO has been provided which demonstrates how to use the libdisasm opcode tables to implement a true disassembler using Perl.

Also listed in:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

More details:

Tool name:

MIRACL

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

ShamusSoftware

Website:

http://www.shamus.ie

Current version:

5.3.2

Last updated:

October 2007

Direct D/L link:

N/A

License type:

Free

Description:

MIRACL is a Big Number Library which implements all of the primitives necessary to design Big Number Cryptography into your real-world application. It is primarily a tool for cryptographic system implementors. RSA public key cryptography, Diffie-Hellman Key exchange, DSA digital signature, they are all just a few procedure calls away. Support is also included for even more esoteric Elliptic Curves and Lucas function based schemes. The latest version offers full support for Elliptic Curve Cryptography over GF(p) and GF(2m) - see the links on this page for more details. Less well-known techniques can also be implemented as MIRACL allows you to work directly and efficiently with the big numbers that are the building blocks of number-theoretic cryptography. Although implemented as a C library, a well-thought out C++ wrapper is provided, which greatly simplifies program development. Most example programs (25+ of them) are provided in both C and C++ versions.

MIRACL now provides more support for conventional cryptography. The latest version implements the Advanced Encryption Standard (AES), Modes of Operation, and the new hashing standards SHA-160/256/384/512.

MIRACL is compact, fast and efficient and its now easier than ever to get the same near-optimal performance from any processor. Although essentially a portable library, inline assembly and special techniques can be invoked for blistering speed. MIRACL has also been successfully used in both embedded and DSP environments where space is at a premium. A new special purpose macro assembler feature facilitates the achievement of best possible performance from your embedded processor (see embedded.doc). MIRACL is, to an extent, self-configuring. Use your compiler to compile and run a simple configuration program, which proceeds with user interaction to generate optimal settings for your environment.

Also listed in:

BigNum Libraries, Crypto Libraries

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

OpenSSL libcrypto

Currently4/5
1
2
3
4
5

Rating: 4.0 (1 vote)

Author:

The OpenSSL Project

Website:

http://www.openssl.org

Current version:

Last updated:

Direct D/L link:

N/A

License type:

Free / Open Source

Description:

Very competent crypto library used in OpenSSL.

Online documentation at:

http://www.openssl.org/docs/crypto/crypto.html

Also listed in:

Crypto Libraries

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

pynary

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

c1de0x

Website:

http://code.google.com/p/openrce-snippets/wiki/pynary

Current version:

0.0.1

Last updated:

Direct D/L link:

N/A

License type:

Open Source

Description:

pynary will become a powerful platform independent framework for binary code analysis.

The initial goal is to the implementation of function signature matching using graph isomorphism and an extensible 'write-your-own-heuristic' model to allow tweaks for particular targets. It will also identify standard library global constants and structure where possible.

Once the initial goal is achieved, a number of cool features are planned:

* stack frame analysis
* un-inliner
* exception handling parsing/analysis
* 'functionally equivalent' matching
* c++ template function matching
* meta-data transfer between IDBs
* c++ class reconstruction (with/without RTTI)
* ...

This project is still in its infancy, and looking for volunteers.

Also listed in:

Deobfuscation Tools, Executable Diff Tools, Reverse Engineering Frameworks, Exe Analyzers, Diff Tools

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

radare

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

pancake

Website:

http://radare.nopcode.org

Current version:

0.9.3

Last updated:

February 19, 2008

Direct D/L link:

http://radare.nopcode.org/get/radare-0.9.3.tar.gz

License type:

GPL

Description:

The radare project aims to provide a complete unix-like toolchain for working with binary files. It currently provides a set of tools to work with x86, arm and java with some ones powerpc.

The core is a raw hexadecimal editor for commandline with scripting features and perl/python extensions that gets extended with IO plugins that hooks the open/read/write/close/system calls.

The debugger and disassembler has a code analysis module for x86, arm and java. This way it's possible to draw graphs using Cairo on a GTK window or store the flow execution of a program on a log file and use the information to diff't against another trace or binary.

The toolchain provides assemblers and disasemblers for x86, arm and java.

The disassembler has been enhaced to handle inline comments, code block detections and flag references (data pointers or so).

The debugger currently works on linux,*bsd x86-32 but it has initial support for x86-64 and linux-ARM, and w32 support is in mind too.

But there are IO plugins for debugging windows and DOS applications via wine and dosemu. Initial gxemul support gives us the possibility to also debug ARM, MIPS, SPARC, .. binaries.

There are some internal commands to handle memory maps, mount a syscall proxy, inject code, patch data, dump user data sections, step-back, syscall tracing, hardware DRx register manipulation, conditional watchpoints with expressions, signalling manipulation, syscall injection and very early threading support..

Data structures can be parsed with hand-written C programs called as extensions from radare. So the hexadecimal editor comes with a set of views for different bases and print formats like URL-encoding, binary, octal, shellcode, C string-like, which is really useful for developing shellcodes.

There's a minimal GUI frontend written in C that interacts directly with an VTE running radare. But I plan to write a new native frontend written in Vala.

Current development plugins are:

* ewf: EnCase (R) forensic disk images
* winedbg: WineDebugger interface ( winedbg://./program.exe )
* haret: Remotely read WindowsCE memory ( haret://host:port )
* ptrace: Debugs or attach to a process ( dbg://file or pid://PID )
* sysproxy: Connects to a remote syscallproxy server
* remote: TCP IO ( listen://:port or connect://host:port )
* gdb: Debugs or attach to a process using gdb (gdb://file, gdb://PID, gdb://host:port)
* w32: posix to native w32 api io
* posix: plain posix file access

The tools provided around the core are:

* radare: command line hexadecimal editor with IO plugin extensions
* rabin: get info from ELF/MZ/PE/CLASS files
* rasc: shellcode generator and tester (outputs in raw, hexpairs or C)
* bindiff: binary diffing utilities for raw files, binaries, data blocks, etc
* xrefs: find crossed references on raw images for ppc, arm and x86
* hasher: calculate different algorithms over data blocks of a file or stream
* rsc: command line helpers written in shellscript or perl
* javasm: minimalistic java assembler/disassembler/classdumper
* armasm: minimalistic arm assembler
* xc: converts between multiple radix numeric bases

FMI see the mailing list

Have fun!

Also listed in:

Assemblers, Binary Diff Tools, Code Injection Tools, Disassemblers, Hex Editors, Java Disassembler Libraries, Linux Debuggers, Linux Disassemblers, Linux Tools, Memory Dumpers, Memory Patchers, Process Dumpers, Reverse Engineering Frameworks, Ring 3 Debuggers, String Finders, Symbol Retrievers, SysCall Monitoring Tools, Tracers

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

SharpZipLib

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

IC#Code

Website:

http://www.icsharpcode.net/OpenSource/SharpZipLib/Default.aspx

Current version:

0.85.4

Last updated:

September 9, 2007

Direct D/L link:

N/A

License type:

Free / Open Source

Description:

#ziplib (SharpZipLib, formerly NZipLib) is a Zip, GZip, Tar and BZip2 library written entirely in C# for the .NET platform. It is implemented as an assembly (installable in the GAC), and thus can easily be incorporated into other projects (in any .NET language). The creator of #ziplib put it this way: "I've ported the zip library over to C# because I needed gzip/zip compression and I didn't want to use libzip.dll or something like this. I want all in pure C#."

Also listed in:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

More details:

Tool name:

SysDasm

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Kayaker

Website:

http://rootkit.com/newsread.php?newsid=208

Current version:

Last updated:

October 26, 2007

Direct D/L link:

License type:

Free / Open Source

Description:

Full-Text Disassembler DLL Export Module for Kernel Mode

I use the source code of NDISASM, the Netwide Disassembler portion of NASM, compiled into a user mode DLL, for use in various reversing projects that incorporate a disassembler component. Recently I decided to recompile the code into a *kernel mode* DLL, to see what use might be made of it in a driver context. The result may be of interest to some, perhaps as a self contained full-text disassembly module for testing or development (i.e. "playing"), or simply as an example of creating and using kernel mode export drivers.

The full-text disassembly module, SysDasm.sys, is created with a single export, which acts as a wrapper around the NDISASM internal disasm routine. This export-only driver is loaded from another driver, either by linking to it explicitly, or by loading it with ZwSetSystemInformation using the SystemLoadImage class.

In this type of export module, the DriverEntry routine is never called but exists so the file is compiled correctly as a .sys driver. If you want to design such a Kernel Mode DLL with functional entry/exit routines, you can add PRIVATE exports declared as DllInitialize/DllUnload. For more on this see for example
DLLs in Kernel Mode by Tim Roberts
http://www.wd-3.com/archive/KernelDlls.htm

The easiest way to use such a kernel mode DLL is to include its .LIB file when compiling the driver which will communicate with it, and to declare the functions you want to import with EXTERN_C DECLSPEC_IMPORT. When the driver is loaded by the system, this second module is loaded as a required kernel DLL and the functions can then be called directly by name. The DLL is unloaded by the system when the driver closes.

Also listed in:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

More details:

Tool name:

Udis86

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Vivek Mohan

Website:

http://udis86.sourceforge.net

Current version:

1.6

Last updated:

August 5, 2007

Direct D/L link:

N/A

License type:

Free / Open Source

Description:

Udis86 is an easy-to-use minimalistic disassembler library (libudis86) for the x86 and AMD64 (x86-64) range of instruction set architectures. The primary intent of the design and development of udis86 is to aid software development projects that entail binary code analysis.

1. Full support for the x86 and x86-64 (AMD64) range of instruction set architectures.
2. Full support for all AMD-V, INTEL-VMX, MMX, SSE, SSE2, SSE3, FPU(x87), and AMD 3Dnow! instructions.
3. Supports 16bit, 32bit, and 64bit disassembly modes.
4. Generates output in AT&T or INTEL assembler language syntaxes.
5. Supports flexbile input methods: File, Buffer, and Hooks.
6. Thread-safe and Reentrant.
7. Clean and very easy-to-use API.
8. Builds on *nix systems, Win32, DJGPP (new), Standalone, etc.

Also listed in:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

More details:

Tool name:

WinPcap

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

WinPcap team

Website:

http://www.winpcap.org

Current version:

4.0.1

Last updated:

July 3, 2007

Direct D/L link:

http://www.winpcap.org/install/bin/WinPcap_4_0_1.exe

License type:

Free / Open Source

Description:

WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture.

Also listed in:

Networking Libraries

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

zlib

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Jean-loup Gailly & Mark Adler

Website:

http://www.zlib.net

Current version:

1.2.3

Last updated:

July 18, 2005

Direct D/L link:

N/A

License type:

Free / Open Source

Description:

zlib is designed to be a free, general-purpose, legally unencumbered -- that is, not covered by any patents -- lossless data-compression library for use on virtually any computer hardware and operating system. The zlib data format is itself portable across platforms. Unlike the LZW compression method used in Unix compress(1) and in the GIF image format, the compression method currently used in zlib essentially never expands the data. (LZW can double or triple the file size in extreme cases.) zlib's memory footprint is also independent of the input data and can be reduced, if necessary, at some cost in compression. A more precise, technical discussion of both points is available on another page.

zlib was written by Jean-loup Gailly (compression) and Mark Adler (decompression). Jean-loup is also the primary author/maintainer of gzip(1), the author of the comp.compression FAQ list and the former maintainer of Info-ZIP's Zip; Mark is also the author of gzip's and UnZip's main decompression routines and was the original author of Zip. Not surprisingly, the compression algorithm used in zlib is essentially the same as that in gzip and Zip, namely, the `deflate' method that originated in PKWARE's PKZIP 2.x.

Also listed in: