Introduction

It's 2016 already, and if you are a PEiD user, or if hearing "packer" makes you think "UPX", you must read this.

I have no doubt that old binary analysis tools have their place, and most of them are great! Everybody knows the power of tools like W32Dasm, SoftICE or DeDe (Delphi Decompiler). Sometimes trying new things can make your life easier and your analysis better and faster. I'd never suggest that you forget about your old tools, but rather that you consider trying new ones.

I've been using these tools for ages and I do admire their creators, but we have to admit that some of them have been totally abandoned. We also have better (or at least equivalent) and more up-to-date tools to replace them.

I know it can be hard, but sometimes you have to accept that things change. For example, on Linux systems the ip command replaced the ifconfig command. After that, some sysadmins spent time learning how to use the new command. Others preferred to install the old tools they already knew how to use. There is nothing wrong with that, but by doing so they avoid getting acquainted with a tool that could speed up the way their job is done.

In this book I'll present some of the tools I use to make my life easier while doing malware analysis or general reversing. You can find the full list of tools in the Tools list chapter.