March 29, 2012

Immunity Debugger v1.73 GVP [21.7.2013]

Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility.
- A debugger with functionality designed specifically for the security industry
- Cuts exploit development time by 50%
- Simple, understandable interfaces
- Robust and powerful scripting language for automating intelligent debugging
- Lightweight and fast debugging to prevent corruption during complex analysis
- Connectivity to fuzzers and exploit development tools

The Best of Both Worlds
Immunity Debugger's interfaces include the GUI and a command line. The command line is always available at the bottom of the GUI. It allows the user to type shortcuts as if they were in a typical text-based debugger, such as WinDBG or GDB. Immunity has implemented aliases to ensure that your WinDBG users do not have to be retrained and will get the full productivity boost that comes from the best debugger interface on the market.

Commands can be extended in Python as well, or run from the menu-bar.

Download here: 

Unrar: EA 89 BB 96 18 DB A5 4B 91 AE 96 38 5A 66 18 9F

Keygener Assistant v2.1.0 by AT4RE [2012]

What's New in version v2.1.0

What's New in version v2.0 Beta

- Added BigFloat Calculator

- Update BigNumber Calculator

- Update Convertor, 

- Added Instant Base Convertor between (2, 10, 16, 32, 64, 256)

- Added more Encryption :


- Added ActiveProcess in System Tab

- Some Bug Fixed.

- Update Skins

Version 1.9

- Added DSA Generator & DSA Signing / Verify.

- Added Hash Analyzer to Detect Hash Algo Used.

- Updated Interface for RSA & ElGamal.

- Bug Fixed In Encryption Symmetric ALG.

- Bug Fixed In RSA Factoring (Size>1024).

- Bug Fixed In Bigcalc.

- Bug Fixed In Skin PopupMenu.

- Always Run As Admin In win7.

Download Here 
Unrar: 15 92 EC 50 CB 99 20 B9 25 F0 29 19 15 53 03 12

Source: AT4RE 
Home:   http://at4re.com/news.php


March 14, 2012

Stud_PE v2.6.0.8 [13-3-2012]

Stud_PE v2.6.0.8 Release date 13-3-2012.

 - add new section;
 - view/edit Directory Table:
   - Import/Export Table viewer;
   - Import adder;
   - Resource viewer/editor (save/replace ico/cur/bmp);
 - Pe Scanner (PEiD sig database):
   - 400 packers/protectors/compilers;
 - Task viewer/dumper/killer;
 - PEHeader/Binary file compare;
 - RVA to RAW to RVA;
 - Drag'nDrop shell menu integration;
 - Basic HexEditor;
 - Process regions' dumper/viewer/editor;

Download link: http://www.cgsoftlabs.ro

- added back the support for w95; added installer;
- fixed the cursor not showing over rollup control and "Plugins" menu not showing on w9x;
- added support for drag&drop under w7,vista on 64bit OS's; there is a bug with "x86" in IShellLink::GetPath for 32bit app running on 64bit OS;
- bugfix in hexeditor; when exploring large pe sections/data (MB), at the end of the VScroll, the program was stuck in an endless paint;
- fixed 3 bugs reported by snailz; unhandled situations when no pe file was loaded;
- fixed a security issue, related to the size of import/export functions' names; "The vulnerability is caused due to a boundary error when parsing the names of functions exported by an analysed portable executable. This can be exploited to cause a stack-based buffer overflow by tricking a user into processing a specially crafted ".dll" or ".exe" file." (secunia.com/advisories/39130)
- found some import's names with the length greater than 500 chars! see adobe CS5, the imports from the boost libs; fixed the buffers to support such situations aaaand...
- it seems that TLS dir size is ignored by windows, so let Stud_Pe buttons enabled on 0 size image data dirs; (waleedassar.blogspot.com/2012/03/ollydbg-v201-and-tls-callbacks.html).
- added support for showing imported functions for 64bit apps; also did some small changes in there like notifying about bound imports if FirstThunk is chosen; fixed a bug related to splitter for imports window;
- fixed a cursor problem on older OS, the hand cursor (the one over the tabs)...flickering also on property pages.
- fixed a gpf reported on program exit;
- fixed a small bug in Disassembler's hex column, not showing full OPcode hex data.
- fixed a small bug in disassembler's history;
- fixed a small bug in TLS window, not showing correctly the number of TLS Callbacks functions for x64 pe targets;
- switched the project from vc6 to VC8; just for your information about 60 Errors and 600 warnings after project conversion; take care, those secure crt fixups drove me crazy, errors may have slipped through; if so, please report and I'll try to fix them.
- the dialog colour was changed due to the fact that SetDialogBkColor is no longer supported in vc8 libs.
- unfortunately VC8 breaks the w95 compatibility (shlwapi.dll appears at imports due to mfc AddToRecentFileList which links that dll, not known to w95 os; also IsDebuggerPresent not present in w95 but linked by vc8 ...and who knows which other functions);
- updated the aboutbox;
- reloc window will show in which function/data a specific relocation points ("In function" column); also it will show which data/function relocates ("Refers"); this works only if you have the map file for a certain pe.exe (pe.map present in the same dir as pe.exe); should work on 32bit and will be fixed for 64 as soon as I'll have a map sample for a 64bit file;


March 5, 2012

Video Tutorial Cracking For Newbie Vol1 2012 - 262MB

Warm greetings to all dear Cin1Team members!
So as not to let everyone down, and on the occasion of the Team's third birthday, the admin team, stubborn as ever after the "miserable failure" of the Ebook Cracking For Newbie 2011, has decided to keep "making its move" with Video Tutorial Cracking For Newbie Vol1 2012. Please download it and send us your feedback so that Vol2, to be made public in the near future, will be as complete as possible.

Finally, we wish everyone a happy birthday, good health, and plenty of fun in this small playground whose motto is "Learning And Sharing".

Thanks And Best Regards !!! 
CiN1 Reversing Tutorials for Newbies 2012 (Movie) - 262MB 

Movie Contents:

I. Introduction:

1. Scripts to find the OEP for some common packers (Script maker)
Find OEP Script for olly: Unpack for UPX 3.0, Aspack (quygia128)
Script load memory patch (quygia128)

II. Cracking begin:

1. Patching:
Lingvosoft Talking Dictionary 2008 (KhongBiet)
Aimersoft iPhone Video Converter (KhongBiet)
Advanced Registry Tracer (kruzco)
Error Repair (kruzco)
HardCopy Pro (kruzco)
Tipard Total Media Converter (KhongBiet)
SysTools BKF Recovery (thien866)

2. Inline Patching:
Rar Password Recovery - UPX (kruzco)
Translator Professional Plus - Armadillo (hamid-pardazan)
FontCreator v6.5 - Themida (hamid-pardazan)
uRex Video Converter Platinum - UPX (skypeaful)

3. Fishing:
Platinum Guard (kruzco)
MP3 Audio Editor 7.95 (Worm_VN)

4. Internal keygen:
[Internal Keygen] Bad CD Repair (Z.Alpha)
[Serial fishing] + [Internal keygen] ImTOO Video Converter Ultimate (ZzngkzZ)
[Internal keygen] 2nd_Speech_Center (DQHSpCr)

5. Keygenning:
Teleport Pro v1.64 (Mr.Teo)
InvoiceMan20 (DQHSpCr)
Keygen My Driver 5.00 (quygia128)
Keygen d2k2 Crackme01 (quygia128)

6. Manuals Unpack:
Tut MUP NsPack All Version (skypeaful)
How to find password NSIS (skypeaful)

Download here:

* Part1
* Part2
* Part3

UNRAR: Cin1team.biz

Source : http://cin1team.biz

Updated New Link [09.08.2019]

Practical Malware Analysis - Michael Sikorski

Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring.
For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you’ll be able to safely analyze, debug, and disassemble any malicious software that comes your way.
You’ll learn how to:
  • Set up a safe virtual environment to analyze malware
  • Quickly extract network signatures and host-based indicators
  • Use key analysis tools like IDA Pro, OllyDbg, and WinDbg
  • Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
  • Use your newfound knowledge of Windows internals for malware analysis
  • Develop a methodology for unpacking malware and get practical experience with five of the most popular packers
  • Analyze special cases of malware with shellcode, C++, and 64-bit code.
Table of Contents
    Chapter 0: Malware Analysis Primer
    Part 1: Basic Analysis
    Chapter 1: Basic Static Techniques
    Chapter 2: Malware Analysis in Virtual Machines
    Chapter 3: Basic Dynamic Analysis
    Part 2: Advanced Static Analysis
    Chapter 4: A Crash Course in x86 Disassembly
    Chapter 5: IDA Pro
    Chapter 6: Recognizing C Code Constructs in Assembly
    Chapter 7: Analyzing Malicious Windows Programs
    Part 3: Advanced Dynamic Analysis
    Chapter 8: Debugging
    Chapter 9: OllyDbg
    Chapter 10: Kernel Debugging with WinDbg
    Part 4: Malware Functionality
    Chapter 11: Malware Behavior
    Chapter 12: Covert Malware Launching
    Chapter 13: Data Encoding
    Chapter 14: Malware-Focused Network Signatures
    Part 5: Anti-Reverse-Engineering
    Chapter 15: Anti-Disassembly
    Chapter 16: Anti-Debugging
    Chapter 17: Anti-Virtual Machine Techniques
    Chapter 18: Packers and Unpacking
    Part 6: Special Topics
    Chapter 19: Shellcode Analysis
    Chapter 20: C++ Analysis
    Chapter 21: 64-Bit Malware
    Appendix A: Important Windows Functions
    Appendix B: Tools for Malware Analysis
    Appendix C: Solutions to Labs
You can see it here :
Special thanks to Kienmanowar for the link.