UNDERCODE COMMUNITY
🦑 Undercode Cyber World!
@UndercodeCommunity


1️⃣ World's first platform that collects & analyzes every new hacking method.
+ AI Practice
@Undercode_Testing

2️⃣ Cyber & Tech NEWS:
@Undercode_News

3️⃣ CVE @Daily_CVE

✨ Web & Services:
→ Undercode.help
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 #DOCKERS 2020 for Container Composition

- bocker (2) - Write Dockerfile completely in Bash. Extensible and simple. --> Reusable by @icy

- box - Build Dockerfile images with a mruby DSL, includes flattening and layer manipulation

- Capitan - Composable docker orchestration with added scripting support by @byrnedo.

- compose_plantuml - Generate Plantuml graphs from docker-compose files by @funkwerk

- Composerize - Convert docker run commands into docker-compose files

- crowdr - Tool for managing multiple Docker containers (docker-compose alternative) by @polonskiy

- docker-compose-graphviz - Turn a docker-compose.yml files into Graphviz .dot files by @abesto

- draw-compose - Utility to draw a schema of a docker compose by @Alexis-benoist

- elsy - An opinionated, multi-language build tool based on Docker and Docker Compose

- habitus - A Build Flow Tool for Docker by @cloud66

- plash - A container run and build engine - runs inside docker.

- rocker-compose - Docker composition tool with idempotency features for deploying apps composed of multiple containers. By @grammarly

- rocker - Extended Dockerfile builder. Supports multiple FROMs, MOUNTS, templates, etc. by grammarly.

- Stacker - Docker Compose Templates. Stacker provides an abstraction layer over Docker Compose and a better DX (developer experience)


> git sources
@UndercodeTesting

🦑 #Deployment and Infrastructure tools, tips and Dockers 2020:


- blackfish - a CoreOS VM to build swarm clusters for Dev & Production by @DataMC

- Centurion - Centurion is a mass deployment tool for Docker fleets. It takes containers from a Docker registry and runs them on a fleet of hosts with the correct environment variables, host volume mappings, and port mappings. By @newrelic

- Clocker - Clocker creates and manages a Docker cloud infrastructure. Clocker supports single-click deployments and runtime management of multi-node applications that run as containers distributed across multiple hosts, on both Docker and Marathon. It leverages Calico and Weave for networking and Brooklyn for application blueprints. By @brooklyncentral

- Conduit - Experimental deployment system for Docker by @ehazlett

- depcon - Depcon is written in Go and allows you to easily deploy Docker containers to Apache Mesos/Marathon, Amazon ECS and Kubernetes. By @gonodrgondor

- Grafeas - A common API for metadata about containers, from image and build details to security vulnerabilities. By Grafeas

> git sources
@UndercodeTesting

#Building Your Own Penetration Testing Lab :
t.me/UndercodeTesting


The following are some tips and instructions on how you can build your own lab for penetration testing and to practice different defensive techniques helpful for incident response and digital forensics.

🦑 Pen Testing Linux Distributions

While most penetration testing tools can be downloaded individually and installed on many different operating systems, several popular security-focused Linux distributions package hundreds of tools. These distributions make it easy to get started without having to worry about the many dependencies, libraries, and compatibility issues you may otherwise encounter. The following are the three most popular Linux distributions for ethical hacking (penetration testing):

- Kali Linux: probably the most popular distribution of the three. This distribution is primarily supported and maintained by Offensive Security and can be downloaded from https://www.kali.org. You can easily install it in bare-metal systems, virtual machines, and even in devices like the Raspberry Pi, Chromebooks, and many others.
Note: The folks at Offensive Security have created free training and a book that guide you through installing it on your system. Those resources can be accessed at: https://kali.training

- Parrot: another popular Linux distribution used by many pen testers and security researchers. You can also install it on bare metal and in virtual machines. You can download Parrot from https://www.parrotsec.org

- BlackArch Linux: this distribution comes with over 2300 different tools and packages and is also gaining popularity. You can download BlackArch Linux from: https://blackarch.org

🦑 #Monitor your network and systems with:

Security Onion and RedHuntOS come with Snort, Suricata, ELK, and many other security tools that allow you to monitor your network.

1) You have to set up port mirroring for IDS/IPS systems like Snort to be able to monitor traffic.

2) In Proxmox, you can set up Linux bridges and Open vSwitch (OVS) bridges.



5️⃣ovs-vsctl -- --id=@p get port tap106i1 \
-- --id=@m create mirror name=span1 select-all=true output-port=@p \
-- set bridge vmbr3 mirrors=@m


6️⃣vmbr3 is the OVS bridge for that internal network. This creates a new "mirror" object named "span1". span1 will send all traffic on the vmbr3 OVS bridge to the second virtual interface of VM 106 (tap106i1).


@UndercodeTesting

🦑 OVS Setup
I strongly recommend using OVS bridges to send traffic to your Security Onion VM (or whatever other VM you would like to use to capture packets or to run IDS/IPS functions).

- Note: A bridge is another term for a switch. It directs traffic to the appropriate interface based on MAC address. Open vSwitch bridges should contain raw Ethernet devices, along with virtual interfaces such as OVSBonds or OVSIntPorts. These bridges can carry multiple VLANs, and be broken out into 'internal ports' to be used as VLAN interfaces on the host.

1️⃣First, you need to update the package index and then install the Open vSwitch packages by executing:

apt update
apt install openvswitch-switch


2️⃣Then you can create an OVS bridge and assign the interfaces of each VM whose packets you want to capture to that OVS bridge.

3️⃣You then configure the tap interfaces. These are only visible in the system shell (not in the Proxmox GUI) and are added automatically for VMs attached to an OVS-bridge interface. The naming convention of the tap interfaces is based on the ID of the VM they are assigned to, with the name tap[VM-ID]i[interface#].

For example, these are some of the interfaces in one of the Proxmox nodes/servers in one of my clusters:

┌─[root@hermes]─[~]
└──╼ #ip -brie a
lo UNKNOWN 127.0.0.1/8 ::1/128
enp0s31f6 DOWN
enp1s0f0 UP
enp1s0f1 DOWN
enp3s0f0 UP
enp3s0f1 DOWN
vmbr0 UP 192.168.78.10/24 fe80::92e2:baff:fe84:dbd0/64
vmbr1 UP 10.1.1.10/24 fe80::a236:9fff:fe1c:2430/64
vmbr2 UNKNOWN fe80::f84b:12ff:fe3c:6e61/64
ovs-system DOWN
vmbr3 UNKNOWN fe80::208a:52ff:fe6d:504f/64
tap109i0 UNKNOWN
fwbr109i0 UP
fwpr109p0@fwln109i0 UP
fwln109i0@fwpr109p0 UP
tap109i1 UNKNOWN
tap109i2 UNKNOWN
fwbr109i2 UP
fwpr109p2@fwln109i2 UP
fwln109i2@fwpr109p2 UP
tap112i0 UNKNOWN
fwbr112i0 UP
fwpr112p0@fwln112i0 UP
fwln112i0@fwpr112p0 UP
tap112i1 UNKNOWN
fwbr112i1 UP
fwpr112p1@fwln112i1 UP
fwln112i1@fwpr112p1 UP
tap114i0 UNKNOWN
tap119i0 UNKNOWN
fwbr119i0 UP
fwpr119p0@fwln119i0 UP
fwln119i0@fwpr119p0 UP
tap119i1 UNKNOWN
fwbr119i1 UP
fwpr119p1@fwln119i1 UP
fwln119i1@fwpr119p1 UP
tap121i0 UNKNOWN
veth122i0@if59 UP
fwbr122i0 UP
fwpr122p0@fwln122i0 UP
fwln122i0@fwpr122p0 UP
veth122i1@if64 UP
fwbr122i1 UP
fwpr122p1@fwln122i1 UP
fwln122i1@fwpr122p1 UP
tap126i0 UNKNOWN
fwbr126i0 UP
fwpr126p0@fwln126i0 UP
fwln126i0@fwpr126p0 UP
veth130i0@if73 UP
fwbr130i0 UP
fwpr130p0@fwln130i0 UP
fwln130i0@fwpr130p0 UP
veth136i0@if78 UP
fwbr136i0 UP
fwpr136p0@fwln136i0 UP
fwln136i0@fwpr136p0 UP
fwbr109i1 UP
fwln109o1 UNKNOWN
veth115i0@if89 UP
fwbr115i0 UP
fwln115o0 UNKNOWN
tap106i0 UNKNOWN
fwbr106i0 UP
fwpr106p0@fwln106i0 UP
fwln106i0@fwpr106p0 UP
tap106i1 UNKNOWN


tap106i0 is the first (0) virtual interface created for VM with ID 106, and tap106i1 is the second such interface.

4️⃣In order to send all traffic on the OVS bridge to the Security Onion VM (VM 106), I use the ovs-vsctl mirror command shown in steps 5 and 6 above on the Proxmox node.
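The procedure above, worked through as an added example that is not part of the original post: it derives the tap[VM-ID]i[interface#] names from `ip -br a` output, checks that the target tap is actually present before touching the bridge, and builds the same three-part ovs-vsctl transaction as the mirror command earlier in this section (the bridge vmbr3, mirror span1 and VM 106 are the page's values). The `ip` output is a constructed excerpt in the format shown above; `apply_mirror` only executes when `dry_run` is False and ovs-vsctl is installed, so the script can be run safely on any machine to see the exact command it would issue.

```python
"""Added example: plan and (optionally) apply an OVS SPAN mirror that sends all
traffic on a Proxmox OVS bridge to an IDS/Security Onion VM's tap interface."""
import re
import shutil
import subprocess
from collections import defaultdict

# Constructed sample: an excerpt of `ip -br a` output in the format the page shows.
SAMPLE_IP_BRIEF = """\
lo UNKNOWN 127.0.0.1/8 ::1/128
vmbr3 UNKNOWN fe80::208a:52ff:fe6d:504f/64
tap109i0 UNKNOWN
fwbr109i0 UP
tap109i1 UNKNOWN
tap106i0 UNKNOWN
fwpr106p0@fwln106i0 UP
tap106i1 UNKNOWN
"""

# Proxmox naming convention for VM taps: tap<VM-ID>i<interface#>
TAP_RE = re.compile(r"^tap(\d+)i(\d+)$")


def tap_interfaces(ip_brief_output):
    """Map VM ID -> list of its tap interface names, ordered by interface number."""
    by_vm = defaultdict(list)
    for line in ip_brief_output.splitlines():
        fields = line.split()
        if fields and TAP_RE.match(fields[0]):
            by_vm[int(TAP_RE.match(fields[0]).group(1))].append(fields[0])
    return {vm: sorted(taps, key=lambda n: int(TAP_RE.match(n).group(2)))
            for vm, taps in by_vm.items()}


def tap_name(vm_id, iface_index):
    """Build the tap name for a VM's Nth virtual interface (0-based, as in the page)."""
    return f"tap{vm_id}i{iface_index}"


def mirror_argv(bridge, mirror_name, output_tap):
    """One ovs-vsctl transaction: look up the tap port (@p), create a select-all
    mirror that outputs to it (@m), and attach the mirror to the bridge."""
    return ["ovs-vsctl",
            "--", "--id=@p", "get", "port", output_tap,
            "--", "--id=@m", "create", "mirror", f"name={mirror_name}",
            "select-all=true", "output-port=@p",
            "--", "set", "bridge", bridge, "mirrors=@m"]


def plan_mirror(ip_brief_output, bridge, mirror_name, vm_id, iface_index):
    """Refuse to build the command unless the target tap exists on this node,
    which catches a stopped VM or a wrong interface number before ovs-vsctl fails."""
    target = tap_name(vm_id, iface_index)
    if target not in tap_interfaces(ip_brief_output).get(vm_id, []):
        raise ValueError(f"{target} not present; is VM {vm_id} running with "
                         f"interface {iface_index} attached to an OVS bridge?")
    return mirror_argv(bridge, mirror_name, target)


def apply_mirror(argv, dry_run=True):
    """Return the command line; run it only when explicitly asked and ovs-vsctl exists."""
    cmdline = " ".join(argv)
    if not dry_run and shutil.which("ovs-vsctl") is not None:
        subprocess.run(argv, check=True)  # raises on a failed transaction
    return cmdline


if __name__ == "__main__":
    # Dry run on the constructed sample: prints the command for VM 106's 2nd interface.
    print(apply_mirror(plan_mirror(SAMPLE_IP_BRIEF, "vmbr3", "span1", 106, 1)))
```

On a real node, replace SAMPLE_IP_BRIEF with the output of `ip -br a` (for example `subprocess.check_output(["ip", "-br", "a"], text=True)`) and pass `dry_run=False`; because `select-all=true` mirrors every packet on the bridge, including the IDS VM's own management traffic if it is on the same bridge, give the monitoring VM a separate management interface, as the page's two-interface layout for VM 106 does.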

🦑 Digital #Forensics and Incident Response (DFIR) Resources

🦑 Incident Response

[Cyphon](https://www.cyphon.io/) - Cyphon eliminates the headaches of incident management by streamlining a multitude of related tasks through a single platform. It receives, processes and triages events to provide an all-encompassing solution for your analytic workflow: aggregating data, bundling and prioritizing alerts, and empowering analysts to investigate and document incidents.

Demisto - Demisto community edition(free) offers full Incident lifecycle management, Incident Closure Reports, team assignments and collaboration, and many integrations to enhance automations (like Active Directory, PagerDuty, Jira and much more...)

[FIR](https://github.com/certsocietegenerale/FIR/) - Fast Incident Response (FIR) is a cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents and is useful for CSIRTs, CERTs and SOCs alike

RTIR - Request Tracker for Incident Response (RTIR) is the premier open source incident handling system targeted for computer security teams. We worked with over a dozen CERT and CSIRT teams around the world to help you handle the ever-increasing volume of incident reports. RTIR builds on all the features of Request Tracker

[SCOT](http://getscot.sandia.gov/) - Sandia Cyber Omni Tracker (SCOT) is an Incident Response collaboration and knowledge capture tool focused on flexibility and ease of use. Our goal is to add value to the incident response process without burdening the user

threat_note - A lightweight investigation notebook that lets security researchers register and retrieve indicators related to their research



@UndercodeTesting

🦑 #Playbooks new list:

[Demisto Playbooks Collection](https://www.demisto.com/category/playbooks/) - Playbooks collection

IRM - Incident Response Methodologies by CERT Societe Generale

[IR Workflow Gallery](https://www.incidentresponse.com/playbooks/) - Different generic incident response workflows, e.g. for malware outbreak, data theft, unauthorized access, ... Every workflow consists of seven steps: prepare, detect, analyze, contain, eradicate, recover, post-incident handling. The workflows are available online or for download

PagerDuty Incident Response Documentation - Documents that describe parts of the PagerDuty Incident Response process. It provides information not only on preparing for an incident, but also what to do during and after. Source is available on GitHub.

> git sources
@UndercodeTesting
Forwarded from UNDERCODE HACKING
🦑 #Game Hacking

- The Ultimate Game Hacking Resource: A curated list of tools, tutorials, and much more for reverse engineering video games!
https://github.com/dsasmblr/game-hacking

- The Ultimate Online Game Hacking Resource: https://github.com/dsasmblr/hacking-online-games



🦑 Domain #Analysis - #gathering information

[badips.com](https://www.badips.com/) - Community based IP blacklist service.

boomerang - A tool designed
for consistent and safe capture of off network web resources.

[Cymon](https://cymon.io/) - Threat intelligence tracker, with IP/domain/hash
search.

Desenmascara.me - One click tool to retrieve as
much metadata as possible for a website and to assess its good standing.

[Dig](https://networking.ringofsaturn.com/) - Free online dig and other
network tools.

dnstwist - Domain name permutation
engine for detecting typo squatting, phishing and corporate espionage.

[IPinfo](https://github.com/hiddenillusion/IPinfo) - Gather information
about an IP or domain by searching online resources.

Machinae - OSINT tool for
gathering information about URLs, IPs, or hashes. Similar to Automator.

[mailchecker](https://github.com/FGRibreau/mailchecker) - Cross-language
temporary email detection library.

MaltegoVT - Maltego transform
for the VirusTotal API. Allows domain/IP research, and searching for file
hashes and scan reports.

[Multi rbl](http://multirbl.valli.org/) - Multiple DNS blacklist and forward
confirmed reverse DNS lookup over more than 300 RBLs.

NormShield Services - Free API Services
for detecting possible phishing domains, blacklisted ip addresses and breached
accounts.

[SpamCop](https://www.spamcop.net/bl.shtml) - IP based spam block list.

SpamHaus - Block list based on
domains and IPs.

[Sucuri SiteCheck](https://sitecheck.sucuri.net/) - Free Website Malware
and Security Scanner.

Talos Intelligence - Search for IP, domain
or network owner. (Previously SenderBase.)

[TekDefense Automater](http://www.tekdefense.com/automater/) - OSINT tool
for gathering information about URLs, IPs, or hashes.

URLQuery - Free URL Scanner.

[urlscan.io](https://urlscan.io/) - Free URL Scanner & domain information.

Whois - DomainTools free online whois
search.

[Zeltser's List](https://zeltser.com/lookup-malicious-websites/) - Free
online tools for researching malicious websites, compiled by Lenny Zeltser.

ZScalar Zulu - Zulu URL Risk Analyzer.

> git sources
@UndercodeTesting
@undercodeSecurity
@UndercodeHacking

🦑 2020 new termux hack tool for Hack Pattern :
> in a way- generating pattern phishing tool which can hack victim pattern :

INSTALLATION & RUN

$ apt-get update -y
$ apt-get upgrade -y
$ pkg install python -y
$ pkg install python2 -y
$ pkg install git -y
$ pip install lolcat
$ git clone https://github.com/noob-hackers/hacklock
$ ls
$ cd hacklock
$ ls
$ bash hacklock.sh

🦑 How it works?


1) Now you need an internet connection to continue the process, and turn on your device hotspot to get the link...

2) You will receive a pattern pin; in the image below you can see the pattern with numbers

3)You can select any option by clicking on your keyboard

Note:- Don't delete any of the scripts included in core files

4) From this option you can create phishing pattern link which get keys of victim pattern after he used this link


✅


🦑 #Documents and #Shellcode

* [AnalyzePDF](https://github.com/hiddenillusion/AnalyzePDF) - A tool for
analyzing PDFs and attempting to determine whether they are malicious.

* [box-js](https://github.com/CapacitorSet/box-js) - A tool for studying JavaScript
malware, featuring JScript/WScript support and ActiveX emulation.

* [diStorm](http://www.ragestorm.net/distorm/) - Disassembler for analyzing
malicious shellcode.

* [JS Beautifier](http://jsbeautifier.org/) - JavaScript unpacking and deobfuscation.

* [JS Deobfuscator](http://www.kahusecurity.com/2015/new-javascript-deobfuscator-tool/) -
Deobfuscate simple JavaScript that uses eval or document.write to conceal
its code.

* [libemu](http://libemu.carnivore.it/) - Library and tools for x86 shellcode
emulation.

* [malpdfobj](https://github.com/9b/malpdfobj) - Deconstruct malicious PDFs
into a JSON representation.

* [OfficeMalScanner](http://www.reconstructer.org/code.html) - Scan for
malicious traces in MS Office documents.

* [olevba](http://www.decalage.info/python/olevba) - A script for parsing OLE
and OpenXML documents and extracting useful information.

* [Origami PDF](https://code.google.com/archive/p/origami-pdf) - A tool for
analyzing malicious PDFs, and more.

* [PDF Tools](https://blog.didierstevens.com/programs/pdf-tools/) - pdfid,
pdf-parser, and more from Didier Stevens.

* [PDF X-Ray Lite](https://github.com/9b/pdfxray_lite) - A PDF analysis tool,
the backend-free version of PDF X-RAY.

* [peepdf](http://eternal-todo.com/tools/peepdf-pdf-analysis-tool) - Python
tool for exploring possibly malicious PDFs.

* [QuickSand](https://www.quicksand.io/) - QuickSand is a compact C framework
to analyze suspected malware documents to identify exploits in streams of different
encodings and to locate and extract embedded executables.

* [Spidermonkey](https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey) -
Mozilla's JavaScript engine, for debugging malicious JS.


> git sources
@UndercodeTesting
@undercodeSecurity
@UndercodeHacking

🦑 Bitcoin Hacking :

Private Key Harvesters

> Electrum cracker

> Brainflayer

> Bruteforce Wallet

> Large Bitcoin Collider Pool Script

INSTALLATION & RUN

Download: https://github.com/SMH17/bitcoin-hacking-tools

🦑 brainflayer :

1️⃣Precompute the bloom filter:

> hex2blf example.hex example.blf

2️⃣Run Brainflayer against it:

brainflayer -v -b example.blf -i phraselist.txt

or

your_generator | brainflayer -v -b example.blf

3️⃣Building

Should compile on Linux with make provided you have the required devel libs installed (at least openssl and gpm are required along with libsecp256k1's build dependencies). I really need to learn autotools. If you file an issue about a build failure in libsecp256k1 I will close it.

4️⃣While not strictly required, it is highly recommended to use the following options:

-m FILE Load the ecmult table from FILE (generated with ecmtabgen) rather than computing it on startup. This will allow multiple brainflayer processes to share the same table in memory, and significantly reduce startup time when using a large table.

-f FILE Verify bloom filter matches against FILE, a list of all hash160s generated with `sort -u example.hex | xxd -r -p > example.bin`. Enough addresses exist on the Bitcoin network to cause false positives in the bloom filter; this option will suppress them.

Brainflayer supports a few other types of input via the -t option:

-t keccak passphrases to be hashed with keccak256 (some ethereum tools)

-t priv raw private keys - this can be used to support arbitrary deterministic wallet schemes via an external program. Any trailing data after the hex encoded private key will be included in brainflayer's output as well, for reference. See also the -I option if you want to crack a bunch of sequential keys, which has special speed optimizations.

-t warp salts or passwords/passphrases for WarpWallet

-t bwio salts or passwords/passphrases for brainwallet.io

-t bv2 salts or passwords/passphrases for brainv2 - this one is very slow on CPU, however the parameter choices make it a great target for GPUs and FPGAs.

-t rush passwords for password-protected rushwallets - pass the fragment (the part of the url after the #) using -r. Almost all wrong passwords will be rejected even without a bloom filter.

Address types can be specified with the -c option:

-c u uncompressed addresses

-c c compressed addresses

-c e ethereum addresses

-c x most significant bits of public point's x coordinate

It's possible to combine two or more of these, e.g. the default is -c uc.

An incremental private key brute force mode is available for fans of directory.io, try

brainflayer -v -I 0000000000000000000000000000000000000000000000000000000000000001 -b example.blf

See the output of brainflayer -h for more detailed usage info.

🦑 Also included is blfchk - you can pipe it hex encoded hash160s to check against a bloom filter file. It's very fast - it can easily check millions of hash160s per second. Not entirely sure what this is good for but I'm sure you'll come up with something.

✅
The other bitcoin cracking tools in this same download link have their own build instructions, using cmake.

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking

🦑 File #Carving :

[bulk_extractor](https://github.com/simsong/bulk_extractor) - Fast file
carving tool.

EVTXtract - Carve Windows
Event Log files from raw binary data.

[Foremost](http://foremost.sourceforge.net/) - File carving tool designed
by the US Air Force.

hachoir3 - Hachoir is a Python library
to view and edit a binary stream field by field.

[Scalpel](https://github.com/sleuthkit/scalpel) - Another data carving
tool.

SFlock - Nested archive
extraction/unpacking (used in Cuckoo Sandbox).

✅
>git sources..
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking

🦑 Reverse XOR and other code obfuscation methods :
> This is like a drug for some hackers 😃



[Balbuzard](https://bitbucket.org/decalage/balbuzard/wiki/Home) - A malware
analysis tool for reversing obfuscation (XOR, ROL, etc) and
more.

de4dot - .NET deobfuscator and
unpacker.

[ex_pe_xor](http://hooked-on-mnemonics.blogspot.com/2014/04/expexorpy.html)
& [iheartxor](
http://hooked-on-mnemonics.blogspot.com/p/iheartxor.html) -
Two tools from Alexander Hanel for working with single-byte XOR encoded
files.

FLOSS - The FireEye Labs Obfuscated
String Solver uses advanced static analysis techniques to automatically
deobfuscate strings from malware binaries.

[NoMoreXOR](https://github.com/hiddenillusion/NoMoreXOR) - Guess a 256 byte
XOR key using frequency analysis.

PackerAttacker - A generic
hidden code extractor for Windows malware.

[unpacker](https://github.com/malwaremusings/unpacker/) - Automated malware
unpacker for Windows malware based on WinAppDbg.

unxor - Guess XOR keys using
known-plaintext attacks.

[VirtualDeobfuscator](https://github.com/jnraber/VirtualDeobfuscator) -
Reverse engineering tool for virtualization wrappers.

XORBruteForcer -
A Python script for brute forcing single-byte XOR keys.

[XORSearch & XORStrings](https://blog.didierstevens.com/programs/xorsearch/) -
A couple programs from Didier Stevens for finding XORed data.

xortool - Guess XOR key length, as
well as the key itself.
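As an added example (not code from any of the tools above), the two key-recovery ideas this list names, known-plaintext search (XORSearch-style: find the offset where a string expected in the file, such as the DOS stub text, decodes consistently) and frequency analysis (NoMoreXOR/xortool-style: the most frequent ciphertext byte is assumed to encode the most frequent plaintext byte, 0x00 in a PE file), run in Python against a constructed PE-like sample. `recover_repeating_key` goes beyond the single-byte case the tools describe and generalizes the known-plaintext search to a repeating key of any length; the sample bytes and keys are constructed for the demonstration.

```python
"""Added example: recover single-byte and repeating XOR keys from obfuscated
samples, using known plaintext and byte-frequency heuristics."""
import collections

# String present in nearly every PE file's DOS stub; a common known-plaintext anchor.
DOS_STUB = b"This program cannot be run in DOS mode."


def xor_bytes(data, key):
    """XOR `data` with a repeating `key` (bytes); a 1-byte key is the single-byte case."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def candidate_keys_known_plaintext(data, plaintext):
    """Single-byte known-plaintext search: at each offset the key implied by the
    first plaintext byte must decode the whole plaintext. Returns [(key, offset)]."""
    hits = []
    for off in range(len(data) - len(plaintext) + 1):
        key = data[off] ^ plaintext[0]
        if all(data[off + i] ^ key == plaintext[i] for i in range(len(plaintext))):
            hits.append((key, off))
    return hits


def key_from_frequency(data, expected_most_common=0x00):
    """Frequency heuristic: the most common ciphertext byte is assumed to be the
    encoding of the most common plaintext byte (0x00 for PE files, padding-heavy)."""
    byte, _count = collections.Counter(data).most_common(1)[0]
    return byte ^ expected_most_common


def recover_repeating_key(data, plaintext, key_len):
    """Known-plaintext recovery of a repeating key: each plaintext byte pins one key
    position, and a hit requires every position to be pinned consistently.
    Returns (key, offset) or None."""
    if len(plaintext) < key_len:
        raise ValueError("plaintext shorter than key length cannot pin every key byte")
    for off in range(len(data) - len(plaintext) + 1):
        key = [None] * key_len
        consistent = True
        for i, p in enumerate(plaintext):
            pos = (off + i) % key_len
            k = data[off + i] ^ p
            if key[pos] is None:
                key[pos] = k
            elif key[pos] != k:
                consistent = False
                break
        if consistent:
            return bytes(key), off
    return None


# Constructed sample: MZ header, zero padding, DOS stub text, more padding.
SAMPLE_PLAIN = b"MZ\x90\x00" + b"\x00" * 60 + DOS_STUB + b"\r\r\n$" + b"\x00" * 40
SAMPLE_KEY = 0x5A
SAMPLE_ENCODED = xor_bytes(SAMPLE_PLAIN, bytes([SAMPLE_KEY]))


if __name__ == "__main__":
    print("known-plaintext hits:", [(hex(k), off) for k, off in
                                    candidate_keys_known_plaintext(SAMPLE_ENCODED, DOS_STUB)])
    print("frequency guess:", hex(key_from_frequency(SAMPLE_ENCODED)))
    enc3 = xor_bytes(SAMPLE_PLAIN, b"\x5a\x13\xc7")
    print("repeating key:", recover_repeating_key(enc3, DOS_STUB, 3))
```

The frequency heuristic fails on samples without a dominant byte (compressed or encrypted payloads), which is why the real tools combine it with known-plaintext checks; in the single-byte case the zero padding also leaks the key directly, since 0x00 XOR k = k.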

✅
>git sources..
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking

🦑 #Reverse Engineering Tools

The following are some of the most popular reverse engineering tools:

HOWEVER! GO TO THE REVERSE ENGINEERING SECTION for more references.

[Ghidra](https://ghidra-sre.org/) - a software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate

Interactive Disassembler (IDA Pro) - Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux, or macOS; also has a free version, IDA Free.

[WDK/WinDbg](https://msdn.microsoft.com/en-us/windows/hardware/hh852365.aspx) - Windows Driver Kit and WinDbg.

OllyDbg - x86 debugger for Windows binaries that emphasizes binary code analysis.

[Radare2](http://rada.re/r/index.html) - Open source, cross-platform reverse engineering framework.

x64dbg - Open source x64/x32 debugger for Windows.

[Immunity Debugger](http://debugger.immunityinc.com/) - Powerful way to write exploits and analyze malware.

Evan's Debugger - OllyDbg-like debugger for GNU/Linux.

[Medusa](https://github.com/wisk/medusa) - Open source, cross-platform interactive disassembler.

plasma - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.

[peda](https://github.com/longld/peda) - Python Exploit Development Assistance for GDB.

dnSpy - Tool to reverse engineer .NET assemblies.

[binwalk](https://github.com/devttys0/binwalk) - Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.

PyREBox - Python scriptable Reverse Engineering sandbox by Cisco-Talos.

[Voltron](https://github.com/snare/voltron) - Extensible debugger UI toolkit written in Python.

Capstone - Lightweight multi-platform, multi-architecture disassembly framework.

[rVMI](https://github.com/fireeye/rVMI) - Debugger on steroids; inspect userspace processes, kernel drivers, and preboot environments in a single tool.

Frida - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.


> git sources
@UndercodeTesting
@undercodeSecurity
@UndercodeHacking
Most #requested Verified Exploits, from us site..