|
[转帖]Gurobi Optimizer v9.0.0 win64 LicGen
|
|||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||
|
[原创] idaSig制作工具
您可以添加英文界面吗? |
|||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||
|
ZwProtectVirtualMemory修改内存属性有时候可以有时候不可以
if (NT_SUCCESS( ZwProtectVirtualMemory(NtCurrentProcess(), &addr, &size, protect, &OldProtect)) { } |
|||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||
|
ZwProtectVirtualMemory修改内存属性有时候可以有时候不可以
NTSTATUS?! |
|||||||||||||||||||||||||||||
|
[原创] MASM伪指令Offset的使用问题
https://c9x.me/x86/html/file_module_x86_id_176.html codestart0: jmp codestart1 someVar dd 0 codestart1: mov eax,[rip+($-someVar)] Position-Independent Code https://www.oreilly.com/library/view/practical-malware-analysis/9781593272906/ch20s02.html How RIP/EIP relative addressing works in 32-bit mode http://www.codegurus.be/Programming/riprelativeaddressing_en.htm#Mode32 |
|||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||
|
[推荐]Chris Eagle_ Kara Nance - The Ghidra Book-No Starch Press (2020) - True PDF
kaoyange 下载后解压缩时提示数据已被损坏,还请楼主再传一下 我的檔案沒有損壞。
最后于 2020-10-9 22:06
被Alfik编辑
,原因:
|
|||||||||||||||||||||||||||||
|
[推荐][分享]Synopsys Static Analysis (Coverity) 2019.3 for linux64
iedxtu 急需Coverity全套,谁有?Q223490563在這裡發布鏈接很難嗎? |
|||||||||||||||||||||||||||||
|
[下载]Windows XP SP1 & Windows Server 2003泄漏源码
magnet:?xt=urn:btih:1a4e5b67060ff2bc8fe2de36a6c265c77f392a0c&dn=NOTREPACKED |
|||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||
|
[分享]VisualGDB和VisualKernel的破解
是否可以為Analyzer 2Go生成許可證 |
|||||||||||||||||||||||||||||
|
[转帖]Hopper Disassembler 4.5.19 Linux
arab # RSA 1024 N = 0xB83B487CC137A96C79E903EF3B3944CBB21CD121CA1E4B ...您可以找到適用於Mac OS的類似解決方案嗎? |
|||||||||||||||||||||||||||||
|
[推荐] X-ways WinHex 19.8 Specialist License - Keygen by DimitarSerg
X-Ways Forensics 20.0 20.0 SR-3 v20.0 Additional improvements: * Alternative extraction methods are now available for PST/OST/MBOX e-mail archives (still in a testing stage). These methods will be used if the main extraction method fails to extract e-mails or if preferred by the user. There is a new check box for that preference, not labelled but tooltipped. The alternative method for PST/OST does not work with password-protected e-mail archives and cannot find previously existing objects. * When attaching a directory with external files to an e-mail archive (PST, OST or MBOX), the contents of that directory will be treated like the result of an e-mail extraction performed by the viewer component. That means for example that redundant empty top-level directories like "Top of Personal Folders", "Root - Mailbox", "IPM_SUBTREE" will be skipped and that the MSG files will automatically be split up into to EML files with e-mail headers and bodies plus separate attachment files. Such an extraction can be performed with the context menu commands "Extract Selected Files" and "Extract All Files" in the preview or view of those e-mail archives. * Support for more code pages in e-mail extraction from MSG. * The alternative TAR extraction method estimates the size of the MBOX e-mail archive in a Google Takeout TGZ file if the size was erroneously stored as 0, which can apparently happen in real life. Only that allows to extract the MBOX e-mail archive file at all, and once that has happened of course the e-mail messages and attachments can usually be extracted from it. * Improved ability to extract attachments in PDF files, in particular in so-called PDF portfolios (user-compiled collections of arbitrary files), with the original names and internal paths of the attached/embedded files, where the Description column identifies these files as attachments. * Recognition of more digital photo generating devices, for example the Samsung Galaxy M31. * Output of Photoshop "Preserved file name" in the metadata. * Same fix level as v19.9 SR-11. * Some minor improvements. SR-2: * Can now reliably convert PDF documents with RC4 encryption to not password-protected PDF files with the "Convert to PDF format" option of Recover/Copy if you provide the password in the metadata cell, prepended with "Password: ". * Improved clipboard format selection dialog when pasting external data. * More reliable ability to copy text in UTF-16 Unicode from within windows of the viewer component (Preview mode or View command). * The keyboard shortcuts / and ÷ (different keys, but same function) are now available in the directory browser and in the case tree. They toggle between recursive and normal exploration. * Ability to extract data from certain GZ archives with a corrupt size field in the footer. * Fixed: Extended timestamps from the extra field in zip records are now extracted and presented in the timestamp columns based on Apple specifications, which however is not always how these timestamps are meant. (For the more likely correct interpretation, especially in GrayKey collections, check the box for "Zip: alternative ext. timestamp interpretation" in Options | Volume Snapshot, which already worked in the original release of v20.0.) * Fixed: The Technical Details Report now show details of MacOS X installations on HFS+ or APFS volumes. These details now also become part of the evidence object properties if the volume is added to the case only after a volume snapshot exists. * Fixed an exception error that could occur under rare circumstances when starting up X-Ways Forensics. * User manual and program help slightly revised. * Some minor improvements and fixes.
SR-3: * Fixed a crash that could occur with the 64-bit executable of SR-2 under certain circumstances when the viewer component was in use. |
|||||||||||||||||||||||||||||
|
[转帖]PE Anatomist 0.2.13218.1416(20楼)
Version 0.1.17.83 (2020-09-10) PEAnatomist.exe SHA256: BEB515489A0C8DA42DC252F51C1DFCDF886E02A76FB688DFD3F41D3AECF8D9A8 Added recognition of the target from a MSI shortcut Fixed a bug with displaying some dialogs from the resources Updated set of CET policy flags and LOAD_CONFIG_DIRECTORY structure from SDK 20201 Added display of xFG-hash value in the GFID list Added descriptions of several section groups on the "POGO" page in IMAGE_DEBUG_DIRECTORY Accelerated display of found strings in PE files Added an optional restriction to start the only instance of the program Added a menu for launching a copy of the program with the currently open file Added the ability to open a file from the clipboard Fixed loss of a character in line recognition if a long line was split into several Added string detection settings: recognition threshold and ignoring of strings without a trailing zero Added a dialog for selecting a Section object and opening a mapped file Introduced a limitation of one instance of the resource properties dialog per entry Optimization and clean up of a part of the code for working with ListView _https://rammerlabs.alidml.ru/files/PEAnatomist-0.1.17.zip |
|||||||||||||||||||||||||||||
|
|