Binary Exploitation
Windows

Windows

Tools

  • winchecksec - GitHub

    Checks the security features of a Windows binary.

  • wine - Website

    Runs Windows programs on Linux.

  • winedbg - Website

    Debugger for Windows programs on Linux.

    Debug a Windows program on Linux with winedbg in gdb mode:

    winedbg --gdb <program>

  • gdb server for wine - Website

    Remote debugger inside wine. The (very large) package is called gdb-mingw-w64 on most Linux distributions.

    Start a gdb server inside wine: (found here)

    wine Z:/usr/share/win64/gdbserver.exe localhost:12345 myprogram.exe
x86_64-w64-mingw32-gdb myprogram.exe

  • Immunity Debugger - Website

    Debugger for Windows programs. I recommend using only GDB in order to learn less commands.

  • pefile - GitHub

    Get info about PE files.

  • dnSpy - GitHub

    .NET debugger and assembly editor.

  • PEiD - Website

    Detects packers, cryptors, compilers, etc.

  • jetBrains .NET decompiler

    exists

  • AutoIt - Website

    Scripting language for Windows.