From Collaborative RCE Tool Library

Jump to: navigation, search

Specific by Compiler


Tool name: DeDe
Rating: 4.0 (1 vote)
Author: DaFixer                        
Website: http://dafixer.cjb.net
Current version: 3.50.04 (build 1635)
Last updated: June 25, 2006
Direct D/L link: Locally archived copy
License type: Free / Open Source
Description: DeDe is a very fast application that allows you to analyze executables compiled with Delphi 2,3,4,5,6,7, C++ Builder, Kylix and Kol, and gives you the following:

· All .dfm files of the target. You will be able to open and edit them with Delphi.
· All published methods in well commented ASM code with references to strings, imported function calls, classes methods calls, components in the unit, Try-Except and Try-Finally blocks. (By default DeDe retrieves only the published methods sources, but you may also process another procedure in a executable if you know the RVA offset using the Tools|Disassemble Proc menu.)
· A lot of additional information the files.
· You can create a Delphi project folder with all dfm, pas, dpr files. Note: pas files contains the mentioned above well commented ASM code. They can not be recompiled !

You can also:
· View the PE Header of all PE Files and change/edit the sections flags.
· Use the opcode-to-asm tool for translating intel opcode to assembler.
· Use RVA-to-PhysOffset tool for fast converting physical and RVA addresses.
· Use the DCU Dumper (view dcu2int.txt for more details) to retrieve near to pascal code of your DCU files.
· Use BPL(DPL) Dumper to see BPL exports and create symbol files to use with DeDe disassembler.
· Disassemble a target EXE directly from memory in case of a packed exe.

------------
NOTE:
The original site seems to be gone (or at least DeDe seems to be gone from it), and the locally archived copy here in this CRCETL entry is not the version with source code included. If someone has a copy of the version with source included, or a version higher than 3.50.02 build 1619 (which is the one we have locally archived, even though at least 3.50.04 build 1635 exists), please upload it here!
Also listed in: Decompilers, Delphi Decompilers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: DE Decompiler
Rating: 0.0 (0 votes)
Author: GPcH Soft                        
Website: http://www.de-decompiler.com
Current version: 2.0 (updated)
Last updated: March 2, 2008
Direct D/L link: http://www.de-decompiler.com/files/de_decompiler_lite.zip
License type: Commercial (with demo)
Description: DE Decompiler is the unique solution for decompiling the Delphi generated programs (EXE, DLL, OCX). As you know the Delphi programs is the native win32 executable files.

DE Decompiler restores most parts of the compiled code and helps you to recover most parts of the lost sources. It contans the powerful disassembler which supports Pentium Pro commands including MMX and SSE extensions. Also it has a useful smart assembler code emulation engine. The build-in disassembler allows you to disassemble a lots of functions and represents it in semi-decompiled mode. DE Decompiler has a wonderful code analyzer which makes your work easy and fast. In addition to all it can search for all the API function's calls and the string references in the disassembled code and comment them out for analyzed strings.

If you lost your source codes - DE Decompiler save your time and helps you to restore it.

In general, DE Decompiler is the ideal tool for analyzing programs and it is perfect if you lose your source code and need to partially restore the project.
Also listed in: Decompilers, Delphi Decompilers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: PEBrowse Professional
Rating: 0.0 (0 votes)
Author: SmidgeonSoft                        
Website: http://www.smidgeonsoft.prohosting.com/pebrowse-pro-file-viewer.html
Current version: 9.2.5
Last updated: 28 December, 2007
Direct D/L link: http://www.smidgeonsoft.com/download/PEBrowse.zip
License type: Free
Description: PEBrowse Professional is a static-analysis tool and disassembler for Win32/Win64 executables and Microsoft .NET assemblies produced according to the Portable Executable specifications published by Microsoft. For Microsoft Windows Vista, Windows XP, Windows 2000, and others. (We have received reports that the software also works on other OSes, including Wine (!) and Windows CE.)

With the PEBrowse disassembler, one can open and examine any executable without the need to have it loaded as part of an active process with a debugger. Applications, system DLLs, device-drivers and Microsoft .NET assemblies are all candidates for offline analysis using PEBrowse. The information is organized in a convenient treeview index with the major divisions of the PE file displayed as nodes. In most cases selecting nodes will enable context-sensitive multiple view menu options, including binary dump, section detail, disassembly and structure options as well as displaying sub-items, such as optional header directory entries or exported functions, that can be found as part of a PE file unit. Several table displays, hex/ASCII equivalents, window messages and error codes, as well as a calculator and scratchpads are accessible from the main menu.

While the binary dump display offers various display options, e.g., BYTE, WORD, or DWORD alignment, the greatest value of PEBrowse comes when one disassembles an entry-point. An entry-point in PEBrowse is defined as:

* Module entry-point
* Exports (if any)
* Debug-symbols (if a valid PDB, i.e., program database file, is present)
* Imported API references
* Relocation addresses
* Internal functions/subroutines
* Any valid address inside of the module

Selecting and disassembling any number of these entry-points produces a versatile display rich in detail including upper/lowercase display, C/Pascal/Assembler suffix/prefixing, object code, color-coded statements, register usage highlighting, and jump/call target preview popups. Additional information, such as variable and function names, will also be present if one has access to a valid PDB file. Disassembly comes in two flavors: linear sweep (sequential disassembly from a starting address) and recursive traversal, aka, analysis mode (disassembly of all statements reachable by non-call statements - extended analysis disassembles all internal call statements as well). The latter mode also presents local variables with cross-referencing, highlighting, and renaming options. If one adds/changes variable name or adds comments to specific lines, these can be displayed in a session file which will record and save all currently opened displays.

PEBrowse Professional will decompile type library information either embedded inside of the binary as the resource "TYPELIB" or inside of individual type libraries, i.e., .TLB or .OLB files.

PEBrowse Professional also displays all metadata for .NET assemblies and displays IL (Intermediate Language) for .NET methods. It seamlessly handles mixed assemblies, i.e., those that contain both native and managed code.

Finally, PEBrowse can be employed as a file browse utility for any type of file with the restriction that the file must be small enough that it can be memory-mapped.
Also listed in: Disassemblers, .NET Disassemblers, COM Tools, .NET Tools, Delphi Tools, Exe Analyzers, Memory Dumpers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)


RSS feed Feed containing all updates and additions for this category.

RSS feed Feed containing all updates and additions for this category, including sub-categories.


Subcategories

There is one subcategory to this category.


Retrieved from "http://www.woodmann.com/collaborative/tools/index.php/Category:Specific_by_Compiler"



Views