首页
社区
课程
招聘
[转帖]dotNET Tools
发表于: 2009-5-19 10:01 10709

[转帖]dotNET Tools

2009-5-19 10:01
10709
Tools you need in reversing .NET applications

SmartKill v.0.6  
Author Kurapica and UFO-PU55Y
Description A tool that Kurapica and UFO-PU55Y from SnD have written to attack assemblies protected with SmartAssembly Protector.

[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)

上传的附件:
收藏
免费 1
支持
分享
最新回复 (30)
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
2
dotNET Dumper 0.4

Author Kurapica
Description The idea of this tool is to achieve two objects:

1 - It will dump the body of every Method (Function, Procedure) called by the executable assembly you select, The dumping occurs whenever compiler enters that method, for example if you Click some button and this button calls method "CheckLicense" then you will find a file named "CheckLicense.txt" in the "\Dump" folder.

2 - It will show you in details the methods being called and also the modules that your application loads so it could be used as a simple tracing utility for .net assemblies.

I wrote this tool to help me rebuild assemblies protected with JIT hooking technique, those assemblies can't be explored in Reflector because their methods' body is encrypted and only decrypted in runtime when the method is called so you will see no code in reflector, I assumed that I will have access to the encrypted MSIL code of the methods using Profiling APIs, there was a 50% chance of success but it turned out to be only useful against certain protections like the one that LibX coded which depends on System.Reflection.Emit.DynamicMethod to excute protected methods.

you can find more on LibX protection here
hxxp://www.reteam.org/board/showthread.php?t=799
上传的附件:
2009-5-19 10:02
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
3
dotNET DeObfuscator  
Author Kurapica
Description A names deobfuscator that will help you explore obfuscated assemblies more easily with Reflector
上传的附件:
2009-5-19 10:03
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
4
RE-Sign  
Author LibX
Author website http://www.reteam.org
Description RE-Sign is a tool to help u re-sign .NET assemblies with your own StrongName key, and no need to do any manual patching anymore and no need to have sn.exe installed If u don't have a StrongName keypair
上传的附件:
2009-5-19 10:04
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
5
The Xenocode Solution  
Author LibX
Author website http://www.reteam.org
Description The Xenocode Solution is a unpacker that works for all Xenocode products
上传的附件:
2009-5-19 10:05
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
6
REZiriz  
Author LibX
Author website http://www.reteam.org
Description REZiriz is a unpacker for Eziriz .NET Reactor > v3.1.x.x
上传的附件:
2009-5-19 10:07
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
7
{smartassassin}  
Author LibX
Author website http://www.reteam.org
Description {smartassassin} is a reversing engineering tool used to remove string encryption from {smartassembly} protected files, its also possible to decompress resources compressed by {smartassassin}.
上传的附件:
2009-5-19 10:08
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
8
DotFuckScator  
Author LibX
Author website http://www.reteam.org
Description DotFuckScator is a reversing engineering tool used to remove string encryption from dotfuscator protected files
上传的附件:
2009-5-19 10:09
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
9
Asmex  
Author website http://www.jbrowse.com/
Description Asmex is a viewer for the internals of .NET assembly files. While the world is not particularly short of .NET assembly viewers, Asmex has some unique features and the source might prove useful in various contexts. Asmex's features include:

* Extract resources from assemblies
* View raw metadata tables
* Open assemblies as files or as Global Assembly Cache entries
* View disassembly (by cheating and spawning ILDASM)
* View PE file structures
* Browse types, namespaces, method parameters etc
上传的附件:
2009-5-19 10:10
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
10
DeSmart  
Author rongchaua
Author website http://rongchaua.net/
Description A control-flow deobfuscator for assemblies protected with smartassembly protector
上传的附件:
2009-5-19 10:13
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
11
DILE  
Author Petrény Zsolt
Description Dotnet IL Editor (DILE) v0.2.6
上传的附件:
2009-5-19 10:13
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
12
DotNET Tracer  
Author Kurapica
Description This is a simple tool that has a similar functionality to RegMon or FileMon but it's designed to trace events in .NET assemblies in runtime, many events can be reported so you can understand what's going on in the background
上传的附件:
2009-5-19 10:14
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
13
Rebel.NET  
Author Daniel Pistelli
Author website http://www.ntcore.com/rebelnet.php
Description Rebel.NET is a rebuilding tool for .NET assemblies which is capable of adding and replacing methods and streams.
上传的附件:
2009-5-19 10:14
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
14
Strong-name remover  
Author Andrea Bertolotto
Author website http://www.andreabertolotto.net/
Description A tool designed to remove strong signing from .NET assemblies without recompiling code
上传的附件:
2009-5-19 10:15
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
15
Dis#  
Author website http://netdecompiler.com/index.html
Description Dis# is .NET decompiler that allows to edit names in decompiled code and persist changes in project file.
上传的附件:
2009-5-19 10:23
0
雪    币: 206
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
16
太好了,顶顶
2009-5-19 11:32
0
雪    币: 250
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
17
很好的东西,努力学习
2009-5-19 12:28
0
雪    币: 234
活跃值: (25)
能力值: ( LV3,RANK:30 )
在线值:
发帖
回帖
粉丝
18
收集的很全面
2009-5-20 08:49
0
雪    币: 716
活跃值: (162)
能力值: ( LV9,RANK:250 )
在线值:
发帖
回帖
粉丝
19
怎么后边的没说明版本号?
2009-5-20 09:05
0
雪    币: 231
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
20
超级感谢LZ分享
2009-6-1 10:35
0
雪    币: 202
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
21
经测试发现, 这个东西也是个混淆器, 搞出来的东西比混淆了的还难懂
2009-6-1 14:00
0
雪    币: 370
活跃值: (15)
能力值: ( LV9,RANK:170 )
在线值:
发帖
回帖
粉丝
22
lin版贴完了吗,怕打扰了
2009-6-1 14:20
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
23
Recommended.
2009-6-1 14:48
0
雪    币: 202
活跃值: (12)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
24
好东东,不错,下来,研究下
2009-6-5 20:22
0
雪    币: 208
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
25
thanks
2009-6-12 15:28
0
游客
登录 | 注册 方可回帖
返回
//