From f9508454dde4d4b90922e3792de5243eb80b27b4 Mon Sep 17 00:00:00 2001 From: Mike Worth Date: Sun, 15 Jan 2017 23:17:31 -0500 Subject: [PATCH 1/4] Add binary-ninja Adding binary ninja, a cheaper alternative to IDA-PRO --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 7e59c32..baf1c1e 100644 --- a/README.md +++ b/README.md @@ -449,6 +449,7 @@ the [browser malware](#browser-malware) section.* source Binary Analysis and Reverse engineering Framework. * [binnavi](https://github.com/google/binnavi) - Binary analysis IDE for reverse engineering based on graph visualization. +* [Binary ninja](https://binary.ninja/) - A reversing engineering platform that is an alternative to IDA. * [Binwalk](http://binwalk.org/) - Firmware analysis tool. * [Bokken](http://www.bokken.re/) - GUI for Pyew and Radare. ([mirror](https://github.com/inguma/bokken)) From 8624a5cabaaa9f95e60a36b07807da049744587b Mon Sep 17 00:00:00 2001 From: Mike Worth Date: Sun, 15 Jan 2017 23:38:31 -0500 Subject: [PATCH 2/4] Add Process-Hacker adding process hacker, a tool useful for dynamic analysis --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index baf1c1e..fbb70d1 100644 --- a/README.md +++ b/README.md @@ -493,6 +493,7 @@ the [browser malware](#browser-malware) section.* files in more detail. * [Process Explorer](https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx) - Advanced task manager for Windows. +* [Process Hacker] (http://processhacker.sourceforge.net/) - Tool that monitors system resources * [Process Monitor](https://technet.microsoft.com/en-us/sysinternals/bb896645.aspx) - Advanced monitoring tool for Windows programs. * [PSTools](https://technet.microsoft.com/en-us/sysinternals/pstools.aspx) - Windows From 08af5f84983e298a7ec6c74bceb7425b0739c52a Mon Sep 17 00:00:00 2001 
From: Mike Worth Date: Sun, 15 Jan 2017 23:48:32 -0500 Subject: [PATCH 3/4] Adding Regshot Adding regshot tool --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index fbb70d1..d2a38fe 100644 --- a/README.md +++ b/README.md @@ -502,6 +502,7 @@ the [browser malware](#browser-malware) section.* analysis. * [Radare2](http://www.radare.org/r/) - Reverse engineering framework, with debugger support. +* [RegShot](https://sourceforge.net/projects/regshot/) - Registry compare utility that compares snapshots. * [RetDec](https://retdec.com/) - Retargetable machine-code decompiler with an [online decompilation service](https://retdec.com/decompilation/) and [API](https://retdec.com/api/) that you can use in your tools. From a21f65064c148ec67440838fcbb082445c9b8b00 Mon Sep 17 00:00:00 2001 From: Mike Worth Date: Mon, 16 Jan 2017 00:03:39 -0500 Subject: [PATCH 4/4] Adding Practical-Reverse-Engineering Adding Practical Reverse Engineering book --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index d2a38fe..88611da 100644 --- a/README.md +++ b/README.md @@ -647,6 +647,7 @@ the [browser malware](#browser-malware) section.* Tools and Techniques for Fighting Malicious Code. * [Practical Malware Analysis](https://amzn.com/dp/1593272901) - The Hands-On Guide to Dissecting Malicious Software. +* [Practical Reverse Engineering](http://a.co/63SQsH2) - Intermediate Reverse Engineering * [Real Digital Forensics](https://www.amzn.com/dp/0321240693) - Computer Security and Incident Response * [The Art of Memory Forensics](https://amzn.com/dp/1118825098) - Detecting Malware and Threats in Windows, Linux, and Mac Memory.
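Review bot: In [PATCH 1/4] the added `Binary ninja` line is out of order and its description has a typo. The neighbouring entries appear to be sorted alphabetically, and "Binary" sorts before "binnavi", so the entry belongs one position earlier than where the hunk puts it. "A reversing engineering platform" should read "A reverse engineering platform". The line is also much longer than the wrapped entries around it (the `binnavi` description breaks before "visualization."), so wrap it the same way.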
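Review bot: In [PATCH 2/4] the added line `* [Process Hacker] (http://processhacker.sourceforge.net/)` has a space between `]` and `(`, so Markdown will not render it as a link. Remove the space, and end the description with a period as the `Process Explorer` and `Process Monitor` entries on either side do. The description "Tool that monitors system resources" also does not say why the tool belongs in this list; the commit message calls it useful for dynamic analysis, and the entry should say so too.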
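Review bot: In [PATCH 3/4] the description "Registry compare utility that compares snapshots." says "compare" twice without adding information; something like "Utility that compares registry snapshots." carries the same meaning in fewer words. The added line should also be wrapped like the `Radare2` and `RetDec` entries around it, and the spelling should be settled: the commit subject says "Regshot" while the entry says "RegShot".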
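Review bot: In [PATCH 4/4] the added book entry links to a shortened URL, `http://a.co/63SQsH2`, while the neighbouring book entries link directly in the form `https://amzn.com/dp/...`. A short link hides its destination from readers and from link checkers, and this one is plain HTTP; please replace it with the direct HTTPS product link in the same form as the entries above and below. The description "Intermediate Reverse Engineering" also reads as a difficulty label rather than the book's subtitle, which is what the surrounding entries use.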