This is a collection of tools you may like if you are interested in reverse engineering and/or malware analysis on x86 and x64 Windows systems. After installing this toolkit you’ll have a folder on your desktop with shortcuts to RE tools like these:
Why do I need it?
You don’t. Obviously, you can download such tools from their own website and install them by yourself in a new VM. But if you download retoolkit, it can probably save you some time. Additionally, the tools come pre-configured so you’ll find things like x64dbg with a few plugins, command-line tools working from any directory, etc. You may like it if you’re setting up a new analysis VM.
Included tools
Tools by category
.NET
Compilers
Debuggers
Decompilers
Document analysis
Hexadecimal editors
PE analyzers
PE resources editors
Process monitors
Signature tools
Unpacking
Utilities
Changelog v2022.04
Changes:
Added:
Echo Mirage.
elfparser-ng.
entropy (closes #47).
Force Toolkit.
MiniDump x64dbg plugin.
Notepad++.
OllyDumpEx x64dbg plugin (closes #41).
Removed:
Bewareircd: Too specific to analyze (now rare?) IRC-based communications.
dnSpy: Replaced by dnSpyEx.
HyperDBG: It’s a nice project, but they don’t provide binary releases yet, meaning a lot of work for me.
JRE: Replaced by JDK, which is required by Ghidra.
Threadtear: It doesn’t work with JDK required by Ghidra.
