Hexcellents CTF Wiki
Toolset
Subpages
Tools
Platform-independent
Binary analysis
- xortool: Tries to decode the whole file using a xor key)
- xorsearch: “XORSearch is a program to search for a given string in an XOR, ROL, ROT or SHIFT encoded binary file”
- xorstrings: “XORStrings will search for strings in the (binary) file you provide it, using the same encodings as XORSearch (XOR, ROL, ROT and SHIFT)”
Platform-dependent
Linux
- TODO
- TODO
- TODO
Windows
- CaptureBAT - Capture system events from the kernel level (for dynamic analysis)
- ProcessHacker - Comprehensive live analysis of running processes (including viewing/editing memory, stack traces, threads, connections, etc)
- RegShot - Can take snapshots of the registry and compares them
- TODO