Results 1 to 10 of 10

Thread: review - new tool

  1. #1

    review - new tool

    yo,

    i'm making a new tool where i try to do some interesting stuff ....

    http://www.woodmann.net/0xf001/review

    src will be released next week (free as in free beer and free speech )

    any inputs are very welcome!

    cheers, 0xf001

    ps: should compile on any platform

    [ edit ] i had to move the page, as that server doesn't respond anymore

  2. #2
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    Hey, you liar, it didn't compile on my Commodore 64! I feel so dirty and deceived...

    Jokes aside, very nice tool 0xf001, you da man.

  3. #3
    thx dELTA!

    it definately has some potential with that very abstract search i think ... and applications like finding ie polymorph code among other evil things hehe
    expressions and rules can be as long as you want and it includes wildcards, too.

    so ... i apologize - should compile when you have a qt-devel package available for your platform and when this platform is not too stone old

    i recently was told olly can do code searches, too. the difference to that is that here you can be abstract and are not bound to name an opcode explicitly - you can just use groups like "any block of arithmetic instructions of any size that modifies eax, or ebx but not ebp" for example....
    (* x insn_group==insn_arithmetic && reg_used==eax || reg_used==ebx && reg_used != ebp)
    hehe

    or evil like
    insn_group==control_flow && register_used==eax
    and such

    cheers,

    --
    0xf001

  4. #4
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    Very nice indeed!

  5. #5
    kryshaam
    Guest
    Screenshots looks good ! It seems to be useful and user friendly , i'm waiting for the release

    nice work
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #6
    Good Job! Looking for the source release as well and will definitely contribute to this work since I deal with Linux day to day. One big problem with ELF32 format is it's so poorly documented and really hard to decipher unlike windows PE header.

    My primary platform is itanium2 the intel 64 bit chip. Hopefully I can do something in that regard as well.

  7. #7
    yosh64
    Guest
    hey

    Looks darn impressive, I look forward to its release .

    cya
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  8. #8
    cr.ap
    Guest
    looks like a week can be a pretty long time
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  9. #9
    Found on his page

    [note] review is a spare time project, and under develompment. recent real life
    developments have slowed down its development and thereby pushed back the
    planned release also (unfortunately).
    I think it will be available in the same time that Damn Vulnerable Linux.
    Please consider donating to help Woodmann.com staying online (here is why).
    Any amount greatly appreciated. Thank you.

  10. #10
    Any chance of a pre-alpha release?

Similar Threads

  1. Bad review
    By BoB in forum Off Topic
    Replies: 1
    Last Post: October 3rd, 2013, 22:23
  2. A Bug Hunterís Diary review
    By j00ru vx tech blog in forum Blogs Forum
    Replies: 0
    Last Post: February 17th, 2012, 22:19
  3. Debugger commands review
    By Nynaeve in forum Blogs Forum
    Replies: 0
    Last Post: April 23rd, 2008, 10:01
  4. Remote debugging review
    By Nynaeve in forum Blogs Forum
    Replies: 0
    Last Post: April 22nd, 2008, 22:00
  5. Peer review...
    By Ryan in forum Advanced Reversing and Programming
    Replies: 3
    Last Post: April 20th, 2001, 04:25

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •