From Collaborative RCE Tool Library

Jump to: navigation, search

New or Updated Items - RCE Tools (including sub-categories)

RSS feed If you want to keep track of all these updates automatically, simply use this RSS feed instead!

Tool Added: JD-GUI

At: 2018-04-18 22:19:51

Listed in categories: Java Decompilers

Most recent version:

Most recent release date:
March 25, 2018

JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access to methods and fields.

Tool Added: Bytecode Viewer

At: 2018-04-18 22:14:58

Listed in categories: Java Decompilers

Most recent version:
2.9.11 (JRE 8, 9 & 10)

Most recent release date:
March 26, 2018


* Easy to use yet extremely effective.

* Written to run on Java 7, supports Java 8.

* Compile Decompiled Java classes with Ranino Compiler.

* Quickly decompile classes using JD-Core.

* Easily edit APKs via Smali/Baksmali integration.

* Java Decompiling with five different decompilers (DJ-GUI/Core, Procyon, CFR, Fernflower and Krakatau).

* Bytecode Decompiling with CFIDE.

* Android APK integrated with Dex2Jar.

* Securely launch Java applications and insert hooks via EZ-Injection.

* Scan for malicious code with the Malicious Code Scanner plugin.

* Export as DEX, Jar, Class, Zip or Java Source File.

* Open Android APKs, Android DEX, Java Class Files and Java Jars.

* Extensively configurable, over 100+ settings!

* Works seamlessly with all Operating Systems.

* Integrate BCV into Windows by installing it, it'll associate all .class, .dex and .apk to open with BCV.

* View Jar & APK Resources with ease by APKTool.jar integration.

* 100% free and open sourced under GPL v3 CopyLeft.

Tool Updated: GUnPacker

At: 2018-04-15 20:54:23

Listed in categories: Automated Unpackers

Most recent version:

Most recent release date:
February 23, 1997

Generic unpacker supporting packers below

ACProtect 1.09, 1.32, 1.41, 2.0
AHPack 0.1
ASPack 102b, 105b, 1061, 107b, 1082, 1083, 1084, 2000, 2001, 21, 211c, 211d, 211r, 212, 212b212r
ASProtect 1.1, 1.2, 1.23RC1, 1.33, 1.35, 1.40, SKE.2.11, SKE.2.1, SKE.2.2,,
Alloy 4.1, 4.3
alexprot 1.0b2
Beria 0.07
Bero 1
BJFNT 1.2, 1.3
Cexe 10a, 10b
DragonArmor 1
DBpe 2.33
EPPort 0.3
eXe32Pack 1.42
EXECrypt 1
eXeStealth 2.75a, 2.76, 2.64, 2.73, 2.76, 3.16
ExeSax 0.9.1
eXPressor, 1.3
FengYue'Dll unknow
FSG 1.33, 2.0, fsg2.0bart, fsg2.0dulek
GHF Protector v1.0
Krypton 0.2, 0.3, 0.4, 0.5
Hmimys Packer UnKown
JDProtect 0.9, 1.01, 2.0
KByS unknow
MaskPE 1.6, 1.7, 2.0
MEW 11, 1.0/1.2, mew10, mew11_1.2, mew11_1.2_2, mew5
molebox 2.61, 2.65
morphine 2.7
MKFpack 1
Mpress UnKown
Mucki 1
neolite 2
nsapck 2.3, 2.4, 3.1
Packman UnKown
PCShrink 0.71
PC-Guard v5.0, 4.06c
PE Cryptor 1.5
PEBundle 2.3, 2.44, 3.0, 3.2
PE-Armor 0.46, 0.49, 0.75, 0.765
PECompact 1.x
PEDiminisher 0.1
PELock 1.06
PEncrypt 4
pepack 0.99, 1.0
PELockNt 2.01, 2.03, 2.04
PEtite 1.2, 1.3, 1.4, 2.2, 2.3
PKlite32 1.1
PolyCryptA UnKown
peshield 0.2b2
PESpin 0.3, 0.7, 1.1, 1.3
PEX 0.99
PolyCrypt PE 1.42
RLPack 1.1, 1.6, 1.7, 1.8
Rubbish 2
ShrinkWrap 1.4
SDProtector 1.12, 1.16
SLVc0deprotector 0.61, 1.12
SimplePack 1.0, 1.1, 1.2
SoftSentry 3.0
Stealth PE 1.01, 2.1
Stone's PE Encryptor 1.13
SVKP 1.11, 1.32, 1.43
teLock 0.42, 0.51, 0.60, 0.70, 0.71, 0.80, 0.85, 0.90, 0.92, 0.95, 0.96, 0.98, 0.99
Upc All
Upack 0.1, 0.11, 0.12, 0.20, 0.21, 0.22, 0.23, 0.24, 0.25, 0.26, 0.27, 0.29, 0.30, 0.31, 0.32, 0.33, 0.34, 0.35, 0.36, 0.37, 0.38, 0.39, 0.399″
UPolyX 0.2, 0.5
UPX 0.51, 0.60, 0.61, 0.62, 0.71, 0.72, 0.80, 0.81, 0.82, 0.83, 0.84, 0.896, 1.0w, 1.03, 1.04, 1.25w, 2.0w, 2.02, 2.03, 3.03, UPX-Scrambler RC1.x
V2Packer 0.02
VisualProtect 2.57
Vprotector 1.2
WindCrypt 1.0
wwpack32 v1.20, v1.11, v1.12
WinKript 1
yoda's cryptor v1.1, v1.2
yoda's Protector v1.02, v1.03.2, v1.03.3, v1.0b

Tool Updated: PPEE (puppy)

At: 2018-04-06 14:01:30

Listed in categories: .NET Executable Editors, Dependency Analyzer Tools, Entropy Analyzers, Exe Analyzers, Executable CRC Calculators, Executable File Editors & Patchers, Export Editors, Hex Editors, Import Editors, Malware Analysis Tools, PE Executable Editors, Relocation Tools, String Finders

Most recent version:

Most recent release date:
April 6, 2018

This is a professional PE file explorer that lets you dig into all data directories available in the PE/PE64 file and edit them.
Export, Import, Resource, Exception, Certificate(Relies on Windows API), Base Relocation, Debug, TLS, Load Config, Bound Import, IAT, Delay Import and CLR are supported.
Two companion plugins are also provided. FileInfo, to query the file in the well-known malware repositories and take one-click technical information about the file such as its size, entropy, attributes, hashes, version info and so on. YaraPlugin, to test Yara rules against opened file.

Puppy is robust against malformed and crafted PE files which makes it handy for reversers, malware researchers and those who want to inspect PE files in more details.

Puppy is free and tries to be small, fast, nimble and friendly as your puppy!


Both PE32 and PE64 support
Examine YARA rules against opened file
Virustotal and OPSWAT's Metadefender query report
Statically analyze windows native and .Net executables
Robust Parsing of exe, dll, sys, scr, drv, cpl, ocx and more
Edit almost every data structure
Easily dump sections, resources and .Net assembly directories
Entropy and MD5 calculation of the sections and resource items
View strings including URL, Registry, Suspicious, ... embedded in files
Detect common resource types
Extract artifacts remained in PE file
Anomaly detection
Right-click for Copy, Search in web, Whois and dump
Built in hex editor
Explorer context menu integration
Descriptive information for data members
Refresh, Save and Save as menu commands
Drag and drop support
List view columns can sort data in an appropriate way
Open file from command line
Checksum validation
Plugin enabled

Feel free to use it ;)

Tool Updated: SandboxDiff

At: 2018-03-10 14:15:31

Listed in categories: File Monitoring Tools, File System Diff Tools, Install Monitoring Tools, Monitoring Tools, Registry Diff Tools, Registry Monitoring Tools

Most recent version:

Most recent release date:
January 10, 2011

'SandboxDiff' allows tracking changes in Registry and Files when using 'Sandboxie' (an amazing application created by Ronen Tzur).

All Registry entries and File system created/modified by a program sandboxed (or any action sandboxed) are monitored and listed with SandboxDiff.

Very useful when users want (before to install an application) to know all changes made by the installer in Registry and File system.

Tool Updated: Solar Assembler (SolAsm)

At: 2018-03-08 22:14:31

Listed in categories: Assemblers

Most recent version:

Most recent release date:
February 5, 2018

SOLAR Assembler is a modern multipass macro assembler that can compile 16/32/64 bits code and runs on Windows, Linux, MacOSX and Solar_OS.

A few Features:
•Fast on huge and complex projects: 350.000 lines per second
•Can directly generate PE32/64, Binary 16/32/64, DLL32/64
•Can output OMF32, COFF32/64, ELF32/64 and MachO32 OBJ
•    Can encode 16/32/64 ASM code 
•     Strong recursive and nested MACRO system
•     Includes a rich set of High Level primitives:
•         .IF .ELSEIF .ELSE .ENDIF with AND/OR/NOT multiple conditions
•         INVOKE with ADDR support
•         .REPEAT .UNTIL
•         #if, #ifdef, #if_used, #else
•        does not need PROTO, checks PROC arguments 
•     Includes mini in memory resource compiler
•     Emits Listing in standard text format
•     Emits Debug Output in COFF format and an easy to read text format
•     Multiplatform, runs on:
•        WIn95, Win98, Windows XP, VISTA, Windows 7 32 and 64 bits
•         Mac OS X 
•         Unix / Linux and other unix like OSes that can link with an ELF libc
•         Solar OS 
•     It is fully written in ASM, Compiles itself
•     Compiles huge and complex ASM projects like:
•         Solar OS
•         Hostile Encounter RTS Game 
•     Has a rich manual and a set of samples to get you started

Tool Updated: ExeInfo PE

At: 2018-03-07 19:21:31

Listed in categories: .NET Tools, .NET Unpackers, Compiler Identifiers, Crypto Tools, Deobfuscation Tools, Linux Unpackers, PE EXE Signature Tools, Packer Identifiers

Most recent version: ( 1008 / 64 - x64 signatures )

Most recent release date:
March 1, 2018

Good detector for packers, compressors , compiler + unpack info + internal exe tools.
Internal Ripper for zip,rar,Flash swf,cab,msi,bzip,
GFX :bmp/jpg/png/gif,
Colored Disassembler,
Delphi Form viewer ,
.Zlib unpacker v1.2.8 ,
.NET exe info
Send sha256 to
Internal detector for non executable files.
Included EXTERNAL : userDB.txt - 4515 Signatures.

Tool Added: REDasm

At: 2018-02-06 09:44:52

Listed in categories: Disassemblers, Linux Disassemblers, Visual Basic Decompilers

Most recent version:

Most recent release date:

REDasm is a crossplatform, interactive, multiarchitecture disassembler written in C++ with Qt5 framework.
its core is light and it can be extended in order to support new instructions and file formats.
In the future, Python scripting will be supported.

Tool Updated: Anathema .NET Instrumentation Tool

At: 2018-01-12 14:14:17

Listed in categories: .NET Code Injection Tools, .NET Tracers, Reverse Engineering Frameworks

Most recent version:

Most recent release date:
January 11, 2018


Tool Updated: Easy Code

At: 2018-01-07 11:32:17

Listed in categories: Assembler IDE Tools, Assemblers

Most recent version:

Most recent release date:
January 4, 2018

Easy Code is the visual assembly programming environment made to build 32-bit/64-bit Windows applications. The Easy Code interface, looking like Visual Basic, allows you to program Windows assembler applications (executable files, dynamic and static libreries, COFF object files, console applications, NT drivers and services) done in an easy way as was never possible before. There are three versions of Easy Code:

- Version 2.x supporting Fasm, GoAsm, JWasm, Masm, PoAsm and UAsm(32-bit/64-bit), using different tools for the various assemblers.
- Version 1.x supporting Masm (32-bit) using the Microsoft Macro Assembler distributed with the Masm32 SDK
- Version 1.x supporting GoAsm (32-bit) using the Jeremy Gordon's Go tools, distributed with the ECGo package, and the GoAsm Headers

Easy Code works in all Windows platforms (from Win95 to Win10). For more information, please visit the website link shown above.

Tool Updated: RSATool

At: 2017-10-31 17:29:49

Listed in categories: Crypto Tools

Most recent version:

Most recent release date:
November 31, 2017

RSATool, RSA public key encryption algorithm tool.

This Windows program I Prof. Doc., Dr. Jiri Kocian CSc., Jr. created is very useful breaktrough cryptoanalytic utility for generating keypairs, calculating private exponent from P, Q primes and Factorisation of the N modulus to primes P, Q. Now the program also encrypts and decrypts data, all using famous RSA algorithm.

The user enters the keysize in bits, public exponent E and Number base and then from this information keypairs can be generated. The program is also useful for Calculating private exponent D from any P, Q primes entered in edit boxes. The program is also very interesting because of the feature to factorise modulus N to primes P and Q using Quadratic Sieve algorithm. Program also can encrypt and decrypt any text or binary data entered in the Encryption / Decryption dialog text box. Encrypted data can be saved to hard disk in the binary form. Program has a feature to save generated keys. Program also can load the saved keys from files. And neccessary note, please be patient using this program, generating keys with long keysizes like 4096 bits or even 8192 bits or more takes some time in minutes, factorisation is even more time consuming process so be patient.

Release notes:

Since the version 1.15 in the Encrypt/Decrypt dialog box, there's special feature to choose public exponent E or private exponent D for Encryption.

Since the version 1.10 encrypted data are also saved in encrypted.hex file.

Since the version 1.09 the keypair can be now loaded from saved files into program.

Since the version 1.08 the primes P and Q are also saved into the file called primes.p12 when the button Save generated keys clicked.

Since the version 1.06 the program has a feature to save the generated keypair into the files public.key and private.key.

Since the version 1.04.03 the load of binary encrypted data is supported.

Since the version 1.04 there's Encrypt / Decrypt dialogbox included in the program.

In future versions there will be then new dialog box for encryption and decryption of any binary or text data using generated keys.

Program is tested in Windows 7/8.1/10.

Tool Updated: DUP

At: 2017-10-25 23:14:17

Listed in categories: Loader Generators, Memory Patchers, Patch Packaging Tools, Patcher Generators

Most recent version:

Most recent release date:
December 21, 2012

diablo2oo2's Universal Patcher - [dUP]

Probably the most capable patcher/loader creator out there...

Some recent version history

-bugfix in [text patch] module
-bugfix: plugins did not work with "/silent" paramenter
-bugfix: patching used files did not work with "/silent" paramenter

-added large file support for search & replace module
-patchercode now is stored in a DLL
-updated BeaEngine.dll (4.1 rev 172)
-fixed: backup files for [attached file] module
-added new filetime plugin
-added new log message plugin
-added new backup switch plugin
-added new find next file plugin
-fixed: patcher with plugins now can be packed
-new option to run patcher after creation
-new query option in [file check] module: check for write access
-show jump destination of [event] module in patchdata list
-fixed crash when open dUP2 project with large filename
-auto backup unsaved projects
-improved save system
-minor fixes

-bugfix: open files in sharemode
-new disassembler engine: BeaEngine
-improved search & replace comparison
-plugin dlls are loaded now on patcher startup
-updated plugin development kit
-added option to turn off backup by default

-improved compatibility for windows 2000
-usage of reg.exe instead of regedit.exe for registry patching
-added regular expressions (PCRE) support to [Text Patch] module
-added regular expressions (PCRE) support to [Registry Check] module
-added new plugin "Check Windows Version"

-fixed music playback bug
-fixed bug: open *.dUP2 files with dup2.exe
-fixed bug: crash when option "do not check original bytes" is enabled
-fixed bug: commandline parameter "/startupworkdir" did not work
-any bytepattern format will be accepted when it is pasted
-added plugin support
-added ASLR support
-added DLL patching support for the loader

-added console output for patcher
-fixed bug in "silent" mode
-fixed bug when using "multi-wildcard-mode"
-new option to fix the CheckSum in PE Header after patching
-more detailed patchlog
-removed "xmstrip"
-added console command (/setvar) for setting %dup2_cmd_var%
-new logo (thank you kr8Vity!)
-new menu structure

-new option to keep original file time and date
-new option to disable the WOW64 File System Redirector (for 64 Bit Patching)
-new option to import multiple file attachments
-new: tooltip for bytepattern shows now also the ASCII text of the bytepattern
-bugfix: inline patching should now also work on windows 7
-bugfix: improved inline patching method
-text patch: single wildcards (?) will not be cut out any longer at end and begin of the 'Find Text'
-added new "Registry Check" module
-improved access to 64 Bit registry (small bugfix)
-improved menu structure of dup2 gui (adding patchdata is now easier)
-bugfix: crash when open project

-added wildcard support for textpatch module
-windowresize bugs fixed
-minimize patcherwindow with rightmouseclick
-added new "Event" module for patcher. Now you can programm your patcher!
-added new "File Check" module for patcher
-bugfixes in textpatch module
-bugfix: executing attached files
-bugfix: problem with nested environment variables
-bugfix: tooltips will be shown without flicker effect on windows 7
-bugfix: increased pattersize limit for search & replace compare module
-fix: remove quotation marks from paths when reading fom registry

-new "Text-Patch" module !
-bugfix in s&r compare module
-other bugfixes from v2.18
-added linkcursor in patcherwindow
-registry editor now can import v5 reg files
-faster scrolltext engine
-better scrolltext font management
-new function: import long hexpatterns in offset-patch-dialog
-fixed loader_installer bug
-added support for relative paths (subfolders) for the targetfiles
-search & replace comments bugfix
-loader: registrypatcher bugfix
-added new internal environment variable: %dup2_last_path%
-skincontrols now can have transparent backgroundcolor (FFFFFFFF)
-now you can execute multiple search&replace loaders from same directory

-replaced WinExec API by ShellExecute for Windows Vista
-bugfix in Dialog for editing S&R Pattern Occurrence
-added check for skin button IDs
-improved window resizing engine
-added option "trim to path" for Registry Paths
-loader can save now targetfilepath to inifile when its not in same folder
-added TitchySID player for .sid file playback
-added new option for attached files: overwrite existing file
-added support for disabled patch button skin
-added multilanguage support
-fixed bug with tooltip width. long hexpatterns are displayed now in multiple lines
-compiled with new MASM v10
-bugfix when executing attached files
-bugfix for resource (skin) updater
-strings for patcher.exe can be modifed now inside a skin

-improved dup2 plugin for ollydbg v1.10
-long comments for search&replace patchdata now possible
-new v2m player (vista compatible) from
-use targetfile information from s&r dialog in CheckOccurrence Dialog
-added function "back to releaseinfo" in patcher logbox
-bug fixed on vista systems with music playback
-"patch" button will be disabled after patching
-some fixes in projectconverter (for old v1.x dup projects)
-changed handling with unresolved environment variables
-original bytes not saved to compiled patcher when
"dont't check original bytes" option is enabled
-fixed bug when saving columnswidth of listviews
-new for Attached File: delete file after execute
-new for Attached File: wait for process
-added support for PECompact (optional commandline settings)
-manifest in resource is now avaible by default
-patcher: last used filepath will be stored inside %dup2_last_file% environment variable
-removed the ugly "flicker"-effect on bitmap buttons
-improved dumping (open projects from patcher.exe)
-advanced registry patching (usage of placeholders)
-changes in bitmapbutton code (please only use new
button names: BTN_PATCH_OVER ...)
-added fade in/out effect for patcher
-problem with the patchers topmost windows fixed
-removed option from settings dialog: dup file association
-important bugfix in loadercode (patching of protected memory)
-added option for registry patches: resolve environment variables
-fixed bug for musicplayback with bassmod.dll
-added textscroller feature
-fill patchinfdialog with default info only when new project is created
-and many more...

Tool Updated: Radare

At: 2017-10-10 13:50:29

Listed in categories: .NET Disassemblers, Assemblers, Binary Diff Tools, Code Injection Tools, Debuggers, Disassemblers, Hex Editors, Java Disassembler Libraries, Linux Debuggers, Linux Disassemblers, Linux Tools, Memory Dumpers, Memory Patchers, Process Dumpers, Reverse Engineering Frameworks, Ring 3 Debuggers, String Finders, Symbol Retrievers, SysCall Monitoring Tools, Tracers

Most recent version:

Most recent release date:
October 10, 2017

The radare project aims to provide a complete unix-like toolchain for working with binary files. It currently provides a set of tools to work with 6502, 8051, arc, arm64, avr, brainfuck, whitespace, malbolge, cr16, dcpu16, ebc, gameboy, h8300, tms320, nios2, x86, x86_64, mips, arm, snes, sparc, csr, m68k, powerpc, dalvik and java.

The main program is 'r2' a commandline hexadecimal editor with support for debugging, disassembling, analyzing structures, searching data, analyzing code and support for scripting with bindings for Python, NodeJS, Perl, Ruby, Go, PHP, Vala, Java, Lua, OCaml.

Radare comes with the unix phylosophy in mind. Each module, plugin, tool performs a specific task and each command can be piped to another to extend its functionality. Also, it treats everything as a file: processes, sockets, files, debugger sessions, libraries, etc.. Everything is mapped on a virtual address space that can be configured to map multiple files on it and segment it.

If you are interested or feel attracted by the project join us in the #radare channel at

See website for more details.

Tool Updated: WinApiOverride

At: 2017-10-10 10:16:18

Listed in categories: .NET Tracers, API Monitoring Tools, COM Monitoring Tools

Most recent version:

Most recent release date:
April 19, 2017

WinAPIOverride is an advanced api monitoring software for 32 and 64 bits processes.
You can monitor and/or override any function of a process.
This can be done for API functions or executable internal functions.

It tries to fill the gap between classical API monitoring softwares and debuggers.
It can break targeted application before or after a function call, allowing memory or registers changes; and it can directly call functions of the targeted application.
Main differences between other API monitoring softwares :
- You can define filters on parameters or function result
- You can define filters on dll to discard calls from windows system dll
- You can hook functions inside the target process not only API
- You can hook asm functions with parameters passed through registers
- You can hook hardware and software exceptions
- Double and float results are logged
- You can easily override any API or any process internal function
- You can break process before or/and after function call to change memory or registers
- You can call functions which are inside the remote processes
- Can hook COM OLE and ActiveX interfaces
- User types (enum, struct and union) and user defines are supported
- All is is done like modules : you can log or override independently for any function
- A library is provided for developers who intend to build their one hooking software

Tool Updated: Rasta Ring 0 Debugger (RR0D)

At: 2017-10-09 18:55:30

Listed in categories: Ring 0 Debuggers

Most recent version:

Most recent release date:
, 2006

Open source ring 0 debugger for both Windows, Linux and BSD.

Tool Updated: Cheat Engine

At: 2017-10-09 18:32:31

Listed in categories: Memory Patchers, Memory Search Tools

Most recent version:

Most recent release date:
June 7, 2017

Cheat Engine, also known as CE, is an open source and free software, most commonly used for cheating in games using a hex memory searcher and editor to allow people to modify memory addresses. It is currently the most popular cheating software used today. CE has influenced a lot of online games (although it does not work on most any more), as it is open source and can be modified to their needs. This program resembles L. Spiro's MHS, Tsearch, and ArtMoney. It searches for values input by the user with a wide variety of options such as "Unknown Initial Value" and "Decreased Value" scans. Cheat Engine can also create standalone trainers which function on their own without Cheat Engine.

Cheat Engine can also view the disassembled memory of a process and make alterations to give the user advantages such as infinite health, time or ammunition. It also has some Direct3D manipulation tools, allowing you to see through walls, zoom in/out and with some advanced configuration allows Cheat Engine to move the mouse for you to get a certain texture into the center of the screen. This is commonly used to create Aimbots.

Tool Updated: MasmBasic

At: 2017-10-09 17:27:25

Listed in categories: Programming Libraries

Most recent version:

Most recent release date:
October 4, 2017

MasmBasic is a library that allows to use BASIC syntax in assembler, i.e. it is not a "separate" language but rather a library of macros and routines, fully compatible with the latest Masm32 SDK (version 11), MASM (version 6.15 and higher, e.g. version 8.0) and JWasm . While MasmBasic is pretty stable, it is still Assembler, therefore the usual disclaimers apply - do not use for military purposes, in hospitals and anywhere else where buggy applications could cause damage. You have been warned :)

To install the library, double-click MbSetup.exe in the downloaded archive.

For an overview of the about 200 functions available, see \Masm32\MasmBasic\MbGuide.rtf (after extracting the archive of course) or see the (incomplete) MasmBasic Quick Reference online.

Latest additions: For_ each x$ in My$(), improved Switch_, GetFiles returns UTF8 now, WebCam, GetProcessArray(), new GSL lib, Choose, fast MemSet, Instr_() and Sinus() , Data, Read, GuiXX functions, Split$, Join$, Filter$, commandline to Files$(), GfCallback, true Unicode, also in file I/O; UnzipFile, ArraySet, SetReg64 for 64-bit registry settings, ArrayMerge, Age(), GetRegArrays, unsigned LONGLONG in Str$(), ShEx, xls interface, ArrayPlot, AddWin$, WritePipe, Plugins, IsFolder(), wOpen, FileOpen$/FileSave$, also as Unicode versions, Extract$, Dialogs, COM support (CoInvoke, GuidsEqual(), IUnknown, VARIANT, ...), improved ANSI and Unicode commandline macros CL$()/wCL$(), improved xHelp, Launch$(), Try/Catch/Finally, ...

From June 2015 onwards, MasmBasic is Windows 8 compatible. From March 2015 onwards, float counters are valid in For_ ... Next. From 10 Feb 2015 onwards, xmm regs are preserved for all
MasmBasic commands. Note that simple Windows API calls can trash them on 64-bit versions of Windows.

Note that you need either JWasm (highly recommended) or at least ML.EXE version 6.15 to use the MasmBasic library; ML 6.14 (the old version that is included with the Masm32 SDK, see \Masm32\bin) is not sufficient, because MasmBasic contains SSE2 code.

Tool Updated: Ultra hash cracking tool

At: 2017-09-26 05:45:37

Listed in categories: Crypto Tools

Most recent version:

Most recent release date:
March 12, 2017

This cryptoanalytic tool is created for cracking one way hash function algorithms.
The program also can be useful as hash calculator. The feature of the new version is file hashing.

Ultra supports following hash algorithms:


Program uses bruteforce with different charsets and also random attack.
Exclusive option of this software is also ultrafast dictionary attack.

Release notes:

Since the version 1.54 there's a feature to save the generated hash to the binary file "hash.bin" and text file "hash.hex" in the program.

Since version 1.51.4.rc1 there's support for file hashing in this version and next versions of the Hash knife. There are still missing support for file hash in some algorithms. This will be implemented in future versions.

Since November 23, 2015 version 1.39s is available and contains variable salt string edit box. This version is available on the Website.

Since version 1.38 the program accepts zero length messages also as a Max. value (Min. = 0; Max. =0) to generate only zero length message.

Since version 1.31 Ultra handles zero length messages in brute force options (All combinations).

Program is tested in Windows 7/8.1/10.

Tool Added: Wtrace

At: 2017-06-26 00:46:42

Listed in categories: Tracers

Most recent version:

Most recent release date:
March 14, 2017

This application will trace in real-time all File I/O, TCP IP, ALPC and RPC operations performed by a given process. It works on Windows 7+ and requires .NET 4.5.2+. Wtrace stops when the traced process exits, or if you issue Ctrl+C in its command line.

Use pipeline to filter the events, e.g.: wtrace notepad ''

Tool Added: JPEXS Free Flash Decompiler

At: 2017-06-12 06:37:03

Listed in categories: Flash Decompilers, Flash Disassemblers, Flash Tools, Flash Unpackers

Most recent version:
Version 10.0.0

Most recent release date:
December 24, 2016

Exporting scripts, images, shapes, movies, sounds, fonts...
SWF to FLA conversion
SWF to XML export and import again
Various output formats like SVG or HTML5 Canvas
Displaying ActionScript source code.
Experimental direct editing of ActionScript source
Editing via assembler source
Integrated ActionScript debugger - step, breakpoints, set variables
Both ActionScript 1/2 and AS3 support
Clicking decompiled source highlights P-code associated instruction and vice-versa
Replacing images, editing texts, fonts and other tags
Displaying SWF resources (shapes, sprites, fonts, buttons...)
Editation of instance metadata
Hexadecimal dump view with color hilighting also available
Built-in proxy server for editing SWF files which come through it
Java based code which supports multiple platforms
Multilanguage support (see language list)
Can decompile some kinds of obfuscated code too.
Open SWF files hidden in loaders (AS3,Windows)
GFX Scaleform and Iggy 64 () files support
Quality software receiving many awards Awards
see [List of all features]