SmartKill v.0.6
Author Kurapica and UFO-PU55Y
Description A tool that Kurapica and UFO-PU55Y from SnD have written to attack assemblies protected with SmartAssembly Protector.
Author Kurapica
Description The idea of this tool is to achieve two objects:
1 - It will dump the body of every Method (Function, Procedure) called by the executable assembly you select, The dumping occurs whenever compiler enters that method, for example if you Click some button and this button calls method "CheckLicense" then you will find a file named "CheckLicense.txt" in the "\Dump" folder.
2 - It will show you in details the methods being called and also the modules that your application loads so it could be used as a simple tracing utility for .net assemblies.
I wrote this tool to help me rebuild assemblies protected with JIT hooking technique, those assemblies can't be explored in Reflector because their methods' body is encrypted and only decrypted in runtime when the method is called so you will see no code in reflector, I assumed that I will have access to the encrypted MSIL code of the methods using Profiling APIs, there was a 50% chance of success but it turned out to be only useful against certain protections like the one that LibX coded which depends on System.Reflection.Emit.DynamicMethod to excute protected methods.
you can find more on LibX protection here
hxxp://www.reteam.org/board/showthread.php?t=799
RE-Sign
Author LibX
Author website http://www.reteam.org
Description RE-Sign is a tool to help u re-sign .NET assemblies with your own StrongName key, and no need to do any manual patching anymore and no need to have sn.exe installed If u don't have a StrongName keypair
The Xenocode Solution
Author LibX
Author website http://www.reteam.org
Description The Xenocode Solution is a unpacker that works for all Xenocode products
{smartassassin}
Author LibX
Author website http://www.reteam.org
Description {smartassassin} is a reversing engineering tool used to remove string encryption from {smartassembly} protected files, its also possible to decompress resources compressed by {smartassassin}.
DotFuckScator
Author LibX
Author website http://www.reteam.org
Description DotFuckScator is a reversing engineering tool used to remove string encryption from dotfuscator protected files
Asmex
Author website http://www.jbrowse.com/
Description Asmex is a viewer for the internals of .NET assembly files. While the world is not particularly short of .NET assembly viewers, Asmex has some unique features and the source might prove useful in various contexts. Asmex's features include:
* Extract resources from assemblies
* View raw metadata tables
* Open assemblies as files or as Global Assembly Cache entries
* View disassembly (by cheating and spawning ILDASM)
* View PE file structures
* Browse types, namespaces, method parameters etc
DotNET Tracer
Author Kurapica
Description This is a simple tool that has a similar functionality to RegMon or FileMon but it's designed to trace events in .NET assemblies in runtime, many events can be reported so you can understand what's going on in the background
Rebel.NET
Author Daniel Pistelli
Author website http://www.ntcore.com/rebelnet.php
Description Rebel.NET is a rebuilding tool for .NET assemblies which is capable of adding and replacing methods and streams.
Strong-name remover
Author Andrea Bertolotto
Author website http://www.andreabertolotto.net/
Description A tool designed to remove strong signing from .NET assemblies without recompiling code
Dis#
Author website http://netdecompiler.com/index.html
Description Dis# is .NET decompiler that allows to edit names in decompiled code and persist changes in project file.
