Utilities

7-Zip

You know it. It's a great archiver, but it also opens and is able to parse and extract things from PE files, OLE files and others. Really a must.

CyberChef

A web app that runs locally and provides a set of useful tools like converters (base64, ROT13, etc).

Error Lookup

Nice simple tool to show description from error codes used by Windows API. It supports input both in decimal or hexadecimal prefixed a 0x prefix.

Java Runtime Environment (JRE)

Needed by the Java analysis tools.

manw

Have you ever needed manpages-like documentation for Windows API functions? Now you have it. You can also see the structures like _PEB and others.

vt-cli

Everything you do in VirusTotal web UI from the command-line.

winapiexec

Call any Windows API function from the command-line. Examples:

winapiexec user32.dll@MessageBox 0 "World!" "Hello" 0

Shorter way:

winapiexec u@MessageBox 0 "World" "Hello" 0

kernel32.dll is the default if you don't specify a DLL:

winapiexec @Sleep 0x3e8

It also supports nested functions. Check the author website.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Utilities

7-Zip

CyberChef

Error Lookup

Java Runtime Environment (JRE)

manw

vt-cli

winapiexec

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally