首页
社区
课程
招聘
[分享].NET 反编译程序集_2020年11月30日更新:V1.2
发表于: 2020-11-1 12:36 17841

[分享].NET 反编译程序集_2020年11月30日更新:V1.2

2020-11-1 12:36
17841

收集有关 .NET 程序集浏览器和反编译器的工具、类库、资料以及TypeRefHasher计算等其它协助工具,方便伙伴们查阅使用

Dump native and .NET assemblies

Simple Assembly Explorer(简称SAE)是一款专业的.Net程序解密分析必备工具,由于国内知道它的不多,所以只有英文版本,没有进行汉化,Simple Assembly Explorer可以为您探索和分析.NET程序集,用来反编译最好不过了。。

Simple Assembly Explorer(简称SAE)是一款专业的.Net程序解密分析必备工具,以为您探索和分析.NET程序集

这是一个用于转储 .NET 打包的应用程序的程序。当然,没有严重的 .NET 保护依赖于包装。事实上,这个软件显示了如何容易解包受保护的屁股。这个 .NET 通用解包是在几个小时内编写的,尽管它非常简单,但它可能变得很有用:否则您必须手动解包,这也很容易。

已上传到本贴附件,可根据所需进行下载

Basic Patching
点击下载

Cracking .NET
点击下载

Cracking With Kurapica 1
点击下载

EntryPoint Method
点击下载

Introduction to .NET cracking
点击下载

Managed Resorces
点击下载

MaxtoCode
点击下载

Memory optimization
点击下载

PE.NET
点击下载

Reactor
点击下载

Unpacking CodeVeil 1.2
点击下载

Unpacking CodeVeil 1.3
点击下载

Unpacking CodeVeil
点击下载

在网络上收集的用于学习所用的测试程序

Cracking .NET Components
点击下载

Cracking .net for newbies
点击下载

Cracking Rebex.FTP Components
点击下载

.NET CrackME #1
点击下载

Confuser_unpackme_howto
点击下载

KeyGening Last KeygenMe by LordCoder
点击下载

KeyGeningLordCoderKeygenme
点击下载

StrongNameRemover v2.2
点击下载

Themida unpacking
点击下载

Tutorail-unpack.Exepack.NET.and.make.unpacker.Levis-REPT
点击下载

U_DotNetReactorUnpackVideoTutorial
点击下载

TypeRefHash (TRH) which is an alternative to the ImpHash that does not work with .NET binaries.

CLI tool to compute the TypeRefHash (TRH) for .NET binaries.
*地址
https://github.com/GDATASoftwareAG/TypeRefHasher

收集网络上分享的脱壳程序,并在本贴进行备份

##
jitDumper_bin
点击下载

官方渠道也无法找到,网络备份寻找

Currently - is in a late beta stage It is similar to IL-Spy but this has a focue on edit/attack.
GrayWolf was a tool I created to carry out research. The focus is on editing applications to make change quickly.


DotNet Id 1.0.0.3备份下载地址
原发布地址(留存可能你可以打开)

原发布地址(留存可能你可以打开)

https://bitbucket.org/styx2007/mu.dnid/downloads/2.0.5.0_2016.01.26.rar

是一款代码分析软件,在源代码的层次上反编译、分析并概括NET和Windows可执行文件。可以在C#、VB NET、Object Pascal和IL汇编语言之间转换。

Xenocode Fox备份下载地址
原发布地址(留存可能你可以打开)

This tools should be used over a .NET assembly.
Default options which are set when the program starts should create a working dump.
Reactor Decryptor备份下载地址
原发布地址(留存可能你可以打开)

will show only .NET processes under list,
all dumps will be saved under dumps

and work like a charm for .NET Reactor.
DotNet Dumper备份下载地址
原发布地址(留存可能你可以打开)

DotNet Dumper备份下载地址
原发布地址(留存可能你可以打开)

From:eXetools
Post:magic_h2001
Update (2008.12.31):
+Code improved for better processing invalid ImageBase,ImageSize and invalid PE.
+Some small changes for more Compatibility/Stability.
-PSAPI library removed from UIF engine (shit library with many bugs).

https://rghost.net/4704286

iMPROVE .NET Deobfuscator备份下载地址
原发布地址(留存可能你可以打开)

原发布地址(留存可能你可以打开)

Gray Wolf备份下载地址
原发布地址(留存可能你可以打开)

调试 .NET 和 Unity 程序集
编辑 .NET 和 Unity 程序集
光明和黑暗的主题
调试 .NET 和 Unity 程序集
编辑 .NET 和 Unity 程序集
光明和黑暗的主题
使用简单而强大的对象模型分析 .NET 二进制文件,而无需加载程序集即可使用反射。
修改 .NET 二进制文件,添加新元数据结构并更改 IL 代码。
使用简单而强大的对象模型分析 .NET 二进制文件,而无需加载程序集即可使用反射。
修改 .NET 二进制文件,添加新元数据结构并更改 IL 代码。
C:\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe      
C:\Program Files\Microsoft SDKs\Windows\v7.0A\bin\ildasm.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe      
C:\Program Files\Microsoft SDKs\Windows\v7.0A\bin\ildasm.exe
 
DotNet Id是一款net的查壳工具。DotNet Id官方最新版可以查是哪些软件保护加密或混淆处理的:MaxToCode .Net Reactor Rustemsoft Skater Goliath Obfuscator PE Compact Spices Obfuscator Themida   Dotfuscator Xenocode Smart Assembly CliSecure   Phoenix Protector CodeVeil
DotNet Id是一款net的查壳工具。DotNet Id官方最新版可以查是哪些软件保护加密或混淆处理的:MaxToCode .Net Reactor Rustemsoft Skater Goliath Obfuscator PE Compact Spices Obfuscator Themida   Dotfuscator Xenocode Smart Assembly CliSecure   Phoenix Protector CodeVeil
[2016/01/26] - 2.0.5.0: (by mammon)
=======================
+Added sample plugin... (works with both DNiD & PEiD!)
+Added small console-tool to set DNiD2 to Explorer's context menu...
+Added context menu to SecView - you can now directly Disassemble or
read any of the section in Hex...
+Added Debug Assertion on debug build on all methods...
*Fixed so project doesn't copy SharpDisasm to bin dir...
*Fixed plugins loader code...
*Changed plugins directory to load from; %dnid2_dir%\plugins\...
Also, pre-compiled download:
[2016/01/26] - 2.0.5.0: (by mammon)
=======================
+Added sample plugin... (works with both DNiD & PEiD!)
+Added small console-tool to set DNiD2 to Explorer's context menu...
+Added context menu to SecView - you can now directly Disassemble or
read any of the section in Hex...
+Added Debug Assertion on debug build on all methods...
*Fixed so project doesn't copy SharpDisasm to bin dir...
*Fixed plugins loader code...
*Changed plugins directory to load from; %dnid2_dir%\plugins\...
Also, pre-compiled download:
 
What's NEW :
 
1 - Reverse engineering oriented which means that only important events will be logged
 
2 - much faster than before
 
3 - Richer data output
 
4 - well-hidden from common protection techniques
 
5 - Finally you can double click any method and you will be driven to Reflector to see the code
 
6 - I may add plugins support later
 
7 - You can toggle tracing ON/OFF in runtime, until you open the registration window for example
 
8 - You can save results to Microsoft excel *.xls file for better analysis later
 
9 - Double click orange rows to be taken to the loaded module location in Windows Explorer
 
10 - Double Click the "Parent Class" to be taken to the Class that invoked the method in reflector
 
11 - Double Click the blue row to be taken to the Method that was called in Reflector
 
12 - VM Compatible
 
13 - may require a certain setup on Windows Vista and later due to UAC
 
* Reflector Support is still buggy but it's not my fault
** Make sure you loaded the needed assemblies in Reflector before using the double clicking feature
*** Thanks to whoknows and 0xd4d for testing and bug reports
What's NEW :
 
1 - Reverse engineering oriented which means that only important events will be logged
 
2 - much faster than before
 
3 - Richer data output
 
4 - well-hidden from common protection techniques
 
5 - Finally you can double click any method and you will be driven to Reflector to see the code
 
6 - I may add plugins support later
 
7 - You can toggle tracing ON/OFF in runtime, until you open the registration window for example
 
8 - You can save results to Microsoft excel *.xls file for better analysis later
 
9 - Double click orange rows to be taken to the loaded module location in Windows Explorer
 
10 - Double Click the "Parent Class" to be taken to the Class that invoked the method in reflector
 
11 - Double Click the blue row to be taken to the Method that was called in Reflector
 
12 - VM Compatible
 
13 - may require a certain setup on Windows Vista and later due to UAC
 
* Reflector Support is still buggy but it's not my fault
** Make sure you loaded the needed assemblies in Reflector before using the double clicking feature
*** Thanks to whoknows and 0xd4d for testing and bug reports
 
iMPROVE .NET it's a deobfuscator for packers that de4dot can't unpack. Current supported packers:
-DotBundle (only main exe and dlls unpacking)
-ExePack.NET
-.NetZ .NET Packer
-Macrobject Obfuscator .NET 2009
-.netshrink
Thanks to the author of this tool.....
WEB:
1
http://sourceforge.net/projects/improvenetdeobf/
iMPROVE .NET it's a deobfuscator for packers that de4dot can't unpack. Current supported packers:
-DotBundle (only main exe and dlls unpacking)
-ExePack.NET
-.NetZ .NET Packer
-Macrobject Obfuscator .NET 2009
-.netshrink
Thanks to the author of this tool.....
WEB:
1
http://sourceforge.net/projects/improvenetdeobf/
This one is the Source code of ConfuserDUmper by cob258 (B@S) for dumping applications packed by Confuser 1.9 original version.
This one is the Source code of ConfuserDUmper by cob258 (B@S) for dumping applications packed by Confuser 1.9 original version.
https://github.com/levisre/ConfuserDumper
https://github.com/levisre/ConfuserDumper
DelegateKiller for Confuser
 
Restore Confuser delegates!
If the assembly is signed you will have to remove strong name or resign else won't work.
DelegateKiller.exe.config should be placed in the same directory with DelegateKiller.exe to have Framework 4.0 suport.
Enjoy it.
DelegateKiller for Confuser
 
Restore Confuser delegates!
If the assembly is signed you will have to remove strong name or resign else won't work.
DelegateKiller.exe.config should be placed in the same directory with DelegateKiller.exe to have Framework 4.0 suport.
Enjoy it.
1
2
3
调试 .NET 和 Unity 程序集
编辑 .NET 和 Unity 程序集
光明和黑暗的主题
1
2
使用简单而强大的对象模型分析 .NET 二进制文件,而无需加载程序集即可使用反射。
修改 .NET 二进制文件,添加新元数据结构并更改 IL 代码。
1
2
C:\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe      
C:\Program Files\Microsoft SDKs\Windows\v7.0A\bin\ildasm.exe
1
DotNet Id是一款net的查壳工具。DotNet Id官方最新版可以查是哪些软件保护加密或混淆处理的:MaxToCode .Net Reactor Rustemsoft Skater Goliath Obfuscator PE Compact Spices Obfuscator Themida   Dotfuscator Xenocode Smart Assembly CliSecure   Phoenix Protector CodeVeil
1
2
3
4
5
6
7
8
9
10
11
[2016/01/26] - 2.0.5.0: (by mammon)
=======================
+Added sample plugin... (works with both DNiD & PEiD!)
+Added small console-tool to set DNiD2 to Explorer's context menu...
+Added context menu to SecView - you can now directly Disassemble or
read any of the section in Hex...
+Added Debug Assertion on debug build on all methods...
*Fixed so project doesn't copy SharpDisasm to bin dir...
*Fixed plugins loader code...
*Changed plugins directory to load from; %dnid2_dir%\plugins\...
Also, pre-compiled download:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
What's NEW :
 
1 - Reverse engineering oriented which means that only important events will be logged
 
2 - much faster than before
 
3 - Richer data output
 
4 - well-hidden from common protection techniques
 
5 - Finally you can double click any method and you will be driven to Reflector to see the code
 
6 - I may add plugins support later
 
7 - You can toggle tracing ON/OFF in runtime, until you open the registration window for example
 
8 - You can save results to Microsoft excel *.xls file for better analysis later
 
9 - Double click orange rows to be taken to the loaded module location in Windows Explorer
 
10 - Double Click the "Parent Class" to be taken to the Class that invoked the method in reflector
 
11 - Double Click the blue row to be taken to the Method that was called in Reflector
 
12 - VM Compatible
 
13 - may require a certain setup on Windows Vista and later due to UAC
 
* Reflector Support is still buggy but it's not my fault
** Make sure you loaded the needed assemblies in Reflector before using the double clicking feature
*** Thanks to whoknows and 0xd4d for testing and bug reports
1
2
3
4
5
6
7
8
9
10
iMPROVE .NET it's a deobfuscator for packers that de4dot can't unpack. Current supported packers:
-DotBundle (only main exe and dlls unpacking)
-ExePack.NET
-.NetZ .NET Packer
-Macrobject Obfuscator .NET 2009
-.netshrink
Thanks to the author of this tool.....
WEB:
1
http://sourceforge.net/projects/improvenetdeobf/

[注意]APP应用上架合规检测服务,协助应用顺利上架!

最后于 2020-11-30 13:34 被梦幻的彼岸编辑 ,原因:
上传的附件:
收藏
免费 15
支持
分享
最新回复 (19)
雪    币: 5325
活跃值: (9918)
能力值: ( LV9,RANK:181 )
在线值:
发帖
回帖
粉丝
2
没有理由不收藏。
2020-11-2 08:39
0
雪    币: 98824
活跃值: (201059)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
3
2020-11-2 09:58
0
雪    币: 98824
活跃值: (201059)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
4
这个贴 整理的非常不错,设置 优秀。
2020-11-2 13:25
0
雪    币: 14535
活跃值: (4104)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
5
收藏。谢谢。
2020-11-3 13:01
0
雪    币: 8715
活跃值: (8619)
能力值: ( LV13,RANK:570 )
在线值:
发帖
回帖
粉丝
6
收藏 学习
2020-11-3 15:29
0
雪    币: 312
活跃值: (371)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
7
没有理由不收藏。
2020-11-3 16:38
0
雪    币: 210
活跃值: (736)
能力值: ( LV2,RANK:15 )
在线值:
发帖
回帖
粉丝
8
奥利给
2020-11-4 09:15
0
雪    币: 2391
活跃值: (2511)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
9
优秀哦~
2020-11-4 14:27
0
雪    币: 256
活跃值: (30)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
10
感谢分享 收藏  备用
2020-11-12 16:04
0
雪    币: 5409
活跃值: (2345)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
11
收藏,学习,备用,感谢分享。
2020-11-13 08:09
0
雪    币: 71
活跃值: (58)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
12
收藏,学习,备用,感谢分享。
2020-11-15 07:27
0
雪    币: 49
活跃值: (832)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
13
收藏,学习,备用,感谢分享+1,谢谢楼主
2020-11-18 08:17
0
雪    币: 96
能力值: ( LV1,RANK:0 )
在线值:
发帖
回帖
粉丝
14
哇偶
2020-11-24 09:20
0
雪    币: 303
活跃值: (476)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
15
能否打包下载呀
2020-11-27 20:33
0
雪    币: 8005
活跃值: (1298)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
16
感谢分享!!!
2020-12-2 09:30
0
雪    币: 175
活跃值: (2616)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
17
确实值得收藏。
2021-1-26 11:18
0
雪    币: 19
活跃值: (74)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
18
谢谢了,收藏。
2021-7-15 16:55
0
雪    币: 227
能力值: ( LV1,RANK:0 )
在线值:
发帖
回帖
粉丝
19
谢谢收藏了
2021-8-20 23:05
0
雪    币: 185
活跃值: (193)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
20
谢谢,非常强大的汇总帖
2022-6-17 10:01
0
游客
登录 | 注册 方可回帖
返回
//