Here are a list of tools which are of use when injecting code into a program. Due to low space, my large phone bill and a slow free ISP this site will only contain small programs. The larger programs will be refered to here but I'll leave you to download them yourself from the main tools sites (see the links section).
|
Program
|
Size
|
Author
|
Description
|
|
326kb
|
LiuTaoTao
ZhuNanHao |
Excellent debugger. Runs in ring 0 mode so gets beneath
the guts of the program you are studying and gives you control over it's
processes. Also can be loaded dynamically unlike SoftICE (also compare
the size difference)
|
|
|
SoftICE
|
~6Mb
|
NuMega
|
The best debugger. Allows the monitoring of any program
(provided there aren't any anti-SICE routines)
|
|
Ida Pro v4.04
|
~19Mb
|
Datarescue
|
Extremely useful disassembler with includes FLIRT technology
for identifying standard compiler routines. Makes it easier to understand
what is going on in your target
|
|
W32Dasm v8.93
|
592kb
|
URSoftware
|
Disassembler and debugger. Useful for finding out where
routines are stored in files for insertion of links to added code
|
|
ResourceStudio v1.0
|
1.77Mb
|
Symantec
|
Resource editor. Allows production of resource files
for win32asm programming and allows editing and adding of resources to
PE files
|
|
Resource Workshop v4.5
|
824kb
|
Borland
|
Resource editor for producing resource files and allows
editing of PE files
|
|
331kb
|
Eugene Suslikov
|
Hex editor that allows you to assemble code into programs
as well as other stuff
|
|
|
356kb
|
M.o.D
yoda |
PE editor. Does lots of useful things
|
|
|
104kb
|
Iczelion
|
Create code snippets and saves them as files, PE editor,
can insert snippet into new/existing section/ PE header, can add new imports
and call them from code
|
|
|
8.47kb
|
SantMat
|
Small program to add new imports to any PE file into
a new section, and it allows you to add extra space for code to that section
|
|
|
Jump Calculator[jumpcalc.zip - MISSING]
|
6.53kb
|
Lord Rhesus
|
A little program written by me to generate op-codes
for jumps/calls between memory locations. Source code included.
|