dELTA

  1. Collaborative RCE Tool Library (CRCETL) site update

    During the last week I've applied a bunch of additions and smaller bug fixes to the Collaborative RCE Tool Library site.

    If you notice any problems, please let me know!

    Here is a summary of the (externally) more notable updates:

    • Added the field "Related URLs" to all tool entries. These URLs are meant to contain other URLs in addition to the main homepage for the tool, which can be useful when using the tool, e.g. an online manual, a third-party tutorial, a useful forum discussion thread, an informative blog entry etc.
    • Added a "Most Recent Updates" page (linked from the menu under the category navigation tree to the left), which lists all recently added or updated tools in the library (mostly for RSS-impaired users, since the RSS feeds are a much more efficient way of keeping up to date about all new and updated RCE tools).
    • Added a "Full Library Index" page (linked from the menu under the category navigation tree to the left), which lists links to all tools in the entire library, for easy manual searching through all tool names.
    • Made the listings of tools on category pages recursive, for easier, more intuitive and more efficient navigation.
    • Made the category tool counters in the category navigation tree recursive, for easier overview and improved correctness.
    • Added reporting of parent categories for all tool entries in the addition/update RSS feeds.
    • Added multi-select for the category selection option when adding or updating tools.
    • Created a better favicon.
    • Fixed a bug that caused invalid sorting in the category navigation tree, all categories in the tree are now strictly alphabetically sorted.
    • Fixed a bug that caused the "parent category markers" (auto expansion and red selection for all parent categories of the current category or tool) in the category navigation tree, now it should work 100%.
    • Fixed some bugs related to double HTML encoding.


    Enjoy!
    Categories
    Uncategorized
  2. Collaborative RCE Tool Library contents so far

    This should hopefully both give you all a picture of the usefulness of the Collaborative RCE Tool Library (http://www.woodmann.com/collaborative/tools), and also get Google kick-started on indexing it in a good way.

    Tools so far are, in alphabetical order:

    http://www.woodmann.com/collaborative/tools/index.php/ADInsight
    http://www.woodmann.com/collaborative/tools/index.php/AND%27s_pakk2
    http://www.woodmann.com/collaborative/tools/index.php/API_Help
    http://www.woodmann.com/collaborative/tools/index.php/Advanced_obj_and_lib_IDA_signature_ripper
    http://www.woodmann.com/collaborative/tools/index.php/All-Seeing_Eye
    http://www.woodmann.com/collaborative/tools/index.php/AnalyzeThis%21
    http://www.woodmann.com/collaborative/tools/index.php/Anti_Anti-BPM_FrameWork
    http://www.woodmann.com/collaborative/tools/index.php/Anti_Anti-BPM_via_SEH%2C_KiUserExceptionFilter_Mod
    http://www.woodmann.com/collaborative/tools/index.php/Anubis
    http://www.woodmann.com/collaborative/tools/index.php/Araxis_Merge
    http://www.woodmann.com/collaborative/tools/index.php/ArmInline
    http://www.woodmann.com/collaborative/tools/index.php/ArmaGUI
    http://www.woodmann.com/collaborative/tools/index.php/Armadillo_4.30a_Dumping_Script
    http://www.woodmann.com/collaborative/tools/index.php/Armadillo_5.xx_OEP_Finder_OllyScript
    http://www.woodmann.com/collaborative/tools/index.php/Asm2Clipboard
    http://www.woodmann.com/collaborative/tools/index.php/Auto_Debug
    http://www.woodmann.com/collaborative/tools/index.php/BCEL
    http://www.woodmann.com/collaborative/tools/index.php/BeaEngine
    http://www.woodmann.com/collaborative/tools/index.php/Beyond_Compare
    http://www.woodmann.com/collaborative/tools/index.php/BinDiff
    http://www.woodmann.com/collaborative/tools/index.php/Bochs
    http://www.woodmann.com/collaborative/tools/index.php/Boomerang
    http://www.woodmann.com/collaborative/tools/index.php/BoundsChecker
    http://www.woodmann.com/collaborative/tools/index.php/Burndump
    http://www.woodmann.com/collaborative/tools/index.php/Burneye
    http://www.woodmann.com/collaborative/tools/index.php/BusTRACE
    http://www.woodmann.com/collaborative/tools/index.php/CFF_Explorer
    http://www.woodmann.com/collaborative/tools/index.php/CLBPlus%21
    http://www.woodmann.com/collaborative/tools/index.php/COMView
    http://www.woodmann.com/collaborative/tools/index.php/CRC_Calculator
    http://www.woodmann.com/collaborative/tools/index.php/CWSandbox
    http://www.woodmann.com/collaborative/tools/index.php/Cheat_%27O_Matic
    http://www.woodmann.com/collaborative/tools/index.php/Cheat_Engine
    http://www.woodmann.com/collaborative/tools/index.php/CheckSum_Fixer
    http://www.woodmann.com/collaborative/tools/index.php/Cleanup_Ex
    http://www.woodmann.com/collaborative/tools/index.php/Code_Ripper
    http://www.woodmann.com/collaborative/tools/index.php/Codename_ASLAN_%284514N%29
    http://www.woodmann.com/collaborative/tools/index.php/CommandBar
    http://www.woodmann.com/collaborative/tools/index.php/Conditional_Branch_Logger
    http://www.woodmann.com/collaborative/tools/index.php/Cryptlib
    http://www.woodmann.com/collaborative/tools/index.php/Crypto%2B%2B
    http://www.woodmann.com/collaborative/tools/index.php/DLL_Injection_Framework
    http://www.woodmann.com/collaborative/tools/index.php/DUP
    http://www.woodmann.com/collaborative/tools/index.php/DXWnd
    http://www.woodmann.com/collaborative/tools/index.php/Data_Ripper
    http://www.woodmann.com/collaborative/tools/index.php/DeJunk
    http://www.woodmann.com/collaborative/tools/index.php/DebugPlugin
    http://www.woodmann.com/collaborative/tools/index.php/DebugView
    http://www.woodmann.com/collaborative/tools/index.php/DelForExp
    http://www.woodmann.com/collaborative/tools/index.php/Delphi_6_Full_IDA_Signatures
    http://www.woodmann.com/collaborative/tools/index.php/Delphi_7_Full_IDA_Signatures
    http://www.woodmann.com/collaborative/tools/index.php/Detours
    http://www.woodmann.com/collaborative/tools/index.php/DiStorm64_x86-64_Disasm_Lib
    http://www.woodmann.com/collaborative/tools/index.php/DiffMerge
    http://www.woodmann.com/collaborative/tools/index.php/DilloDIE
    http://www.woodmann.com/collaborative/tools/index.php/Direct3D_Hooking
    http://www.woodmann.com/collaborative/tools/index.php/DiskMon
    http://www.woodmann.com/collaborative/tools/index.php/Dotnet_IL_Editor_%28DILE%29
    http://www.woodmann.com/collaborative/tools/index.php/Dream_of_every_reverser
    http://www.woodmann.com/collaborative/tools/index.php/EDB_Linux_Debugger
    http://www.woodmann.com/collaborative/tools/index.php/EEye_Binary_Diffing_Suite_%28EBDS%29
    http://www.woodmann.com/collaborative/tools/index.php/ERESI_Framework
    http://www.woodmann.com/collaborative/tools/index.php/EXeScope
    http://www.woodmann.com/collaborative/tools/index.php/Easy_Code
    http://www.woodmann.com/collaborative/tools/index.php/Efilter
    http://www.woodmann.com/collaborative/tools/index.php/Eutron_Smartkey_Reader
    http://www.woodmann.com/collaborative/tools/index.php/ExamDiff_Pro
    http://www.woodmann.com/collaborative/tools/index.php/Exception_Counter
    http://www.woodmann.com/collaborative/tools/index.php/ExeToC_Decompiler
    http://www.woodmann.com/collaborative/tools/index.php/ExtraCopy
    http://www.woodmann.com/collaborative/tools/index.php/FREN
    http://www.woodmann.com/collaborative/tools/index.php/FSG
    http://www.woodmann.com/collaborative/tools/index.php/Fast_IDB2Sig_and_LoadMap_IDA_plugins
    http://www.woodmann.com/collaborative/tools/index.php/Fenris
    http://www.woodmann.com/collaborative/tools/index.php/FileMon
    http://www.woodmann.com/collaborative/tools/index.php/Firebug
    http://www.woodmann.com/collaborative/tools/index.php/Flasm
    http://www.woodmann.com/collaborative/tools/index.php/Flat_Assembler_%28FASM%29
    http://www.woodmann.com/collaborative/tools/index.php/Flayer
    http://www.woodmann.com/collaborative/tools/index.php/Fresh
    http://www.woodmann.com/collaborative/tools/index.php/FullDisasm
    http://www.woodmann.com/collaborative/tools/index.php/GNU_Multiple_Precision_Arithmetic_Library_%28GMP%29
    http://www.woodmann.com/collaborative/tools/index.php/GUI_WinDbg
    http://www.woodmann.com/collaborative/tools/index.php/GenericUnpacker
    http://www.woodmann.com/collaborative/tools/index.php/GoDup
    http://www.woodmann.com/collaborative/tools/index.php/Groovy_Hex_Editor
    http://www.woodmann.com/collaborative/tools/index.php/Hex-Rays
    http://www.woodmann.com/collaborative/tools/index.php/Hex_Workshop
    http://www.woodmann.com/collaborative/tools/index.php/Hide_Caption
    http://www.woodmann.com/collaborative/tools/index.php/Hide_Debugger
    http://www.woodmann.com/collaborative/tools/index.php/Hiew
    http://www.woodmann.com/collaborative/tools/index.php/HookExplorer
    http://www.woodmann.com/collaborative/tools/index.php/IDA2SICE
    http://www.woodmann.com/collaborative/tools/index.php/IDACompare
    http://www.woodmann.com/collaborative/tools/index.php/IDAFicator
    http://www.woodmann.com/collaborative/tools/index.php/IDA_Free_4.9_SDK_Library_Patch
    http://www.woodmann.com/collaborative/tools/index.php/IDA_Pro
    http://www.woodmann.com/collaborative/tools/index.php/IDA_Pro_Free
    http://www.woodmann.com/collaborative/tools/index.php/IDCDumpFix
    http://www.woodmann.com/collaborative/tools/index.php/IIDKing
    http://www.woodmann.com/collaborative/tools/index.php/IZArc
    http://www.woodmann.com/collaborative/tools/index.php/IZArc_Command_Line_Add-On
    http://www.woodmann.com/collaborative/tools/index.php/IceExt
    http://www.woodmann.com/collaborative/tools/index.php/ImageRemCert
    http://www.woodmann.com/collaborative/tools/index.php/Immunity_Debugger
    http://www.woodmann.com/collaborative/tools/index.php/ImpREC
    http://www.woodmann.com/collaborative/tools/index.php/InnoCry
    http://www.woodmann.com/collaborative/tools/index.php/IsDebuggerPresent
    http://www.woodmann.com/collaborative/tools/index.php/Jad
    http://www.woodmann.com/collaborative/tools/index.php/Jim_Clausing%27s_Malware_Packer_Signatures
    http://www.woodmann.com/collaborative/tools/index.php/KaKeeware_Application_Monitor_%28KAM%29
    http://www.woodmann.com/collaborative/tools/index.php/KernelSpy
    http://www.woodmann.com/collaborative/tools/index.php/Key-lok_II_C%2B%2B_library_IDA_Signatures
    http://www.woodmann.com/collaborative/tools/index.php/LCB_Plugin
    http://www.woodmann.com/collaborative/tools/index.php/Labeler
    http://www.woodmann.com/collaborative/tools/index.php/Labelmaster
    http://www.woodmann.com/collaborative/tools/index.php/LoadSome
    http://www.woodmann.com/collaborative/tools/index.php/LordPE
    http://www.woodmann.com/collaborative/tools/index.php/Lore%27s_Source_to_HTML_Converter
    http://www.woodmann.com/collaborative/tools/index.php/MASM32
    http://www.woodmann.com/collaborative/tools/index.php/MIDA
    http://www.woodmann.com/collaborative/tools/index.php/MIRACL
    http://www.woodmann.com/collaborative/tools/index.php/Macro_Assembler_%28MASM%29
    http://www.woodmann.com/collaborative/tools/index.php/Magic_Trainer_Creator
    http://www.woodmann.com/collaborative/tools/index.php/Main_Page
    http://www.woodmann.com/collaborative/tools/index.php/Malcode_Analysis_Pack
    http://www.woodmann.com/collaborative/tools/index.php/MapConv
    http://www.woodmann.com/collaborative/tools/index.php/Matrix_Dongle_C%2B%2B_library_IDA_Signatures ...
    Categories
    Uncategorized
  3. The secret project finally revealed...

    After spending most of my available spare time for the majority of this past year on a secret project which I've hoped will be of great benefit for the entire reversing community, I'm finally today quite proud to be able to present to you all:

    The Collaborative RCE Tool Library

    http://www.woodmann.com/collaborative/tools

    For more introductory information about this project and what it's for, please see the following forum thread:

    http://www.woodmann.com/forum/showthread.php?t=11097

    And for further discussions about it, this is its official forum thread:

    http://www.woodmann.com/forum/showthread.php?t=11098

    I hope you will all enjoy it, I sure know I will!
    Categories
    Uncategorized
  4. Future occupation: Archeological reverser?

    A nice little story on the source code reversing of a highly compact binary code of a program written for an ancient processor:

    http://hardware.slashdot.org/article.pl?sid=07/11/15/1818248
    Categories
    Uncategorized
  5. First blog entry ever on Woodmann.com!

    So, the day has finally come, we now have free blogs for all members!

    Sorry for waiting with it until now...

    Any member can from now on have their own, full-featured blog here at woodmann.com, with RSS feed, pingbacks and everything else you would expect from a serious blog host. And of course, the freedom to write about anything you want, as long as you follow our usual rules (i.e. don't post any explicit information about how to remove the protection from any named commercial products, however do note that named malware protection busting for example is completely OK!).

    So, together let's make this the best reversing blog place ever, starting now, and please everyone who already has (or knows someone who has) a reversing blog on some other generic host like Wordpress, Blogger or whatnot, move it here, now!

    Well, don't just stand there, blog away then!


    [EDIT]
    Some useful tips for new bloggers:

    You should normally set the options in your blog control panel to the following (which is also the default suggestion when you view your blog settings):

    Members on buddy list may:
    View Blog
    Leave comments on blog entries

    Everyone else may:
    View Blog
    Leave comments on blog entries

    Our global site settings still makes it so that people who are not members of the board cannot post any comments, so you don't have to worry about any spam, and should not manipulate the settings above to protect against that.

    Similarly, you should not use these global blog settings to hide a non-finished blog post (i.e. a draft) until it is done, since that will also affect all other previous posts on your blog. Instead, simply use "Save draft" button instead of the "Post Now" button when saving it. When you later are later editing the post, and feel that it is ready for the public, simply use the "Publish Status" dropdown in the "Miscellaneous Options" section of the "Additional Options" box that always appears below the main post text field when you are editing/creating a post, and select the "Publish Now" option (instead of the "Draft blog entry" option that will be selected once you have saved a post as a draft) to publish on the blog for everyone to see.

    [EDIT2]
    If you want to subscribe to an RSS feed containing all blog posts in all blogs at woodmann.com, this is the URL of that feed:
    http://www.woodmann.com/forum/blog_external.php

    The feed URLs for individual blogs have the following format, and can be acquired from the "View RSS Feed" link on the page of the blog in question:
    http://www.woodmann.com/forum/blog_external.php?bloguserid=XXXX

    Important note: In order for your blog posts to show up in your RSS feed, you must have your blog permissions set as described above!


    Oh, and while we're talking about RSS feeds, I hope you already know that you can subscribe to such feeds for all posts in the messageboard too, or to the same in any number of selected forums, with the following URLs:

    All posts on entire board:
    http://www.woodmann.com/forum/external.php

    All posts in selected forums:
    http://www.woodmann.com/forum/external.php?forumids=xx,yy,xx,...
    (where the forumids parameter is a comma-separated list with any number of forum ids, which are the id-numbers for each forum that can be seen in the URL field when clicking on the forums in question in the message board index, i.e. the "f" parameter in the URL)

    [EDIT3]
    For some stupid reason the links above don't seem to be visible if you are viewing this post from the blog front-page (they are replaced with "[Link]"). If you want to see the real links, please go to the original blog post by clicking its title at the top of the post.
    Categories
    Uncategorized