Welcome to Tuts 4 You, the home of Reverse Code Engineering!

Reverse code engineering is playing a very important role in the modern computing era, particularly with the increase and advances in malicious applications and operating system vulnerabilities. Reverse code engineering now crosses many fields and boundaries of expertise. Once considered an often dark and misunderstood art, it is now a very powerful tool in the hands of both amateurs and professionals for analysing applications and code. Being able to examine and understand how a piece of code works and behaves within its environment is exactly what reverse code engineering is.

Malicious reverse engineers exploit weaknesses in the operating system and legitimate software to design malware and other malicious forms of code. These same techniques can be employed to study and analyse code to understand the way these threats behave within an environment and eventually come up with ways to keep our systems safe and less vulnerable.

As technology moves ever forward, so do the potential threats imposed on us and our systems. Malicious software now employs many different techniques to prevent analysis and our understanding of the way it behaves. Obfuscation, virtual machines, cryptography and strong anti-debugging are some of the currently popular techniques used to hinder that analysis work, albeit often employed using freeware or commercial protection software.

This website hopes to expand the knowledge of persons interested and practising in reverse code engineering and to bridge the divide between the various fields and boundaries this subject now crosses. There is a wide breadth of information retained on this site to help in that research, ranging from anti-debugging, virtual machines, unpacking, coding, disassembling, debugging, keygenning and cryptography to much, much more.

Those interested in analysing and documenting malicious software may like to support the Malicious Software Research forum.

On the left is the main control menu; you can use it to tour around the site for the areas you wish to access. All latest releases are shown on the right under the Latest Downloads menu. Before browsing this site you may want to take a few minutes to read through the F.A.Q. page, where common questions about this site have been answered. The About Us page gives a very brief history of Tuts 4 You and information on other areas you can enjoy.

Should you have any questions about reverse code engineering or one of its associated subjects, no matter your previous level of skill, please do not feel afraid to ask on the Community Forums. If you would like to actively write on the subject of reverse code engineering, you can create your own RCE Blog Page on the subject. If you have written a paper on any subject which directly or indirectly involves reverse code engineering and would like to see it included on this website, please read the Contacting Us page for further information. This includes useful tools, scripts or plugins that are often employed in reverse engineering practices.

(Reverse Code Engineering:)
An Exercise in Approaching a Target Differently
Author: Ian Lyte
I wanted to experiment with API hooking and Nektra Spy Studio to examine how it could help me approach a target. So I grabbed a simple crackme and tried to experiment.
Date: 08 Mar : 07:54
Filesize: 583.07 kb
Total Downloads: 83
(dotNET Reversing:)
Easy Way To Unpack DotNet Packed Programs
Author: CodeRipper
This easy tutorial will teach you how to unpack various DotNet packed files.
Date: 08 Mar : 07:51
Filesize: 12.92 kb
Total Downloads: 95
(Keygenning / Serial Fishing:)
Keygenning and Patching Jopas KeygenMe3
Author: qpt^J
This tutorial shows how to keygen Jopas KeygenMe3. Protection includes: elgamal-256 bit, rsa-256 bit, sha-256
Date: 08 Mar : 07:48
Filesize: 674.89 kb
Total Downloads: 113
(Malware Analysis:)
Mass Malware Analysis - A Do It Yourself Kit
Author: Christian Wojner
This paper outlines the relevant steps to build up a customizable automated malware analysis station by using only freely available components with the exception of the target OS (Windows XP) itself. Further a special focus lies in handling a huge am [more...]
Date: 08 Mar : 07:45
Filesize: 836.66 kb
Total Downloads: 69
(Anti-Debugging:)
Software Protection Against Reverse Engineering Tools
Author: Joshua A. Benson
Advances in technology have led to the use of simple to use automated debugging tools which can be extremely helpful in troubleshooting problems in code. However, a malicious attacker can use these same tools. Securely designing software and keeping [more...]
Date: 08 Mar : 07:36
Filesize: 1.16 mb
Total Downloads: 68
(OllyDbg Plugins:)
StrongOD 0.3.1.610
Author: 海风月影
Make your OllyDbg Strong!
This plug-in provides three kinds of ways to initiate the process:
1, Normal - And the same manner as the original start, the STARTUPINFO inside unclean data
2, CreateAsUser - User with a mandate to initiate the proc [more...]
Date: 08 Mar : 06:57
Filesize: 232.57 kb
Total Downloads: 5563
(Debuggers / Disassemblers:)
Delphi Decompiler 1.1.0.194
Author: BitMaker
Delphi Decompiler can analyze executables compiled with Delphi 2 to 7 giving you: all DFM files of the target, commented ASM code with references to strings, imported function calls, classes methods calls, components in the unit, Try-Except and Try- [more...]
Date: 06 Mar : 09:31
Filesize: 2.74 mb
Total Downloads: 291
(Unpacking Tutorials:)
PeCompact 2.xx - 3.xx (Unpacking)
Author: SSlEvIN
Audio and video tutorial on manual unpacking and fixing of a target packed with PE Compact version 2.00-3.00. The tutorial covers the whole process, and also has an audio track.
Date: 06 Mar : 09:30
Filesize: 13.35 mb
Total Downloads: 110
(IDA Scripts:)
PS3 Hypervisor Dump Script
Author: Xorloser
It seems someone took some initiative and made some software themselves to dump the hypervisor once they have the correct hardware and software. So for anyone who has used that and dumped their own hypervisor I present this PS3 HV Dump setup script f [more...]
Date: 25 Feb : 02:58
Filesize: 6.21 kb
Total Downloads: 49
(Virtual Memory / Machines:)
Creating Code Obfuscation Virtual Machines
Author: Craig Smith
Explanation of what a virtual machine is and how they are used. It focuses on embedded virtual machines used for code obfuscation. Specific coding examples are provided on how to write your own opcode interpreter. Code samples on how to embed your ne [more...]
Date: 24 Feb : 08:25
Filesize: 157.82 mb
Total Downloads: 632
(OllyScript - Scripts:)
ExeCryptor 2.4.x DeVM
Author: VolX
A script to restore ExeCryptor's virtualized machine instructions.
Date: 24 Feb : 08:23
Filesize: 5.78 kb
Total Downloads: 237
(Unpacking Tutorials:)
ExeCryptor 2.4.x (Tips and Tricks)
Author: SunBeam
Posting the start of a series that might be appreciated in the near-by future. EXECryptor is a good protector, but as time passes by, it gets deprecated. I included a few articles (3 so far) that discuss in depth some of its internals (mostly practic [more...]
Date: 24 Feb : 08:07
Filesize: 2.4 mb
Total Downloads: 312
(Unpacking Tutorials:)
ExeCryptor 2.4.x (Compressed Code)
Author: SunBeam
Hello, folks. Been a while since I touched EXECryptor (exams and all that), so I decided, after careful consideration, to shed a little insight on EXECryptor’s compressed code functionality. Many of you know that EC comes in 2 flavors when it com [more...]
Date: 24 Feb : 07:57
Filesize: 2.35 mb
Total Downloads: 307
(Debuggers / Disassemblers:)
PVDasm 64Bit Disassembler 1.7a
Author: Bengaly
The Proview (a.k.a. PVDasm) Disassembler is Free, Interactive, Multi-CPU (Intel 80x86 / Chip8) that includes many features which allow the user to perform analysis on the target image file. PVDasm currently supports image files of executable files (.ex [more...]
Date: 20 Feb : 01:19
Filesize: 303.59 kb
Total Downloads: 120
(Debuggers / Disassemblers:)
PVDasm 32Bit Disassembler 1.7a
Author: Bengaly
The Proview (a.k.a. PVDasm) Disassembler is Free, Interactive, Multi-CPU (Intel 80x86 / Chip8) that includes many features which allow the user to perform analysis on the target image file. PVDasm currently supports image files of executable files (.ex [more...]
Date: 20 Feb : 01:19
Filesize: 278.74 kb
Total Downloads: 701
(OllyScript - Scripts:)
RLPack 1.0 - 1.21 Unpacker v1.2
Author: LCF-AT
Date: 17 Feb : 07:33
Filesize: 86.85 kb
Total Downloads: 162
(IDA Plugins:)
PPC Altivec Plugin 1.6.6
Author: Xorloser
PPC Altivec Plugin for IDA v5.6 which adds support for special instructions that are used by some PPC based devices. This was originally written by Dean Ashton and then updated by Takires. This is useful when disassembling Xbox360 and PS3 binaries in [more...]
Date: 17 Feb : 05:56
Filesize: 36.94 kb
Total Downloads: 70
(Keygenning / Serial Fishing:)
Serial Fishing Arthis KeygenMe A0.2
Author: Dahiphop
A serial fishing tutorial for Arthis KeygenMe A0.2:
Language: Microsoft Visual Basic 5.0 / 6.0
Level: 7 - Very hard
Date: 16 Feb : 07:54
Filesize: 1.77 mb
Total Downloads: 420
(IDA Plugins:)
IDA Stealth 1.2.1
Author: Jan Newger
IDA Stealth is a plugin which aims to hide the IDA debugger from most common anti-debugging techniques. The plugin is composed of two files, the plugin itself and a dll which is injected into the debuggee as soon as the debugger attaches to the proce [more...]
Date: 16 Feb : 07:54
Filesize: 760.72 kb
Total Downloads: 1131
(Java Reversing:)
Java Reversing
Author: Epokh
The following is a sample tutorial on Java reversing. The reader must know the architecture and Java JVM asm, however I will report some essentials during the article.
Date: 09 Feb : 08:59
Filesize: 476.95 kb
Total Downloads: 388
(Unpacking Tutorials:)
RLPack 1.0 - 1.21 (Unpacking)
Author: LCF-AT
A movie where you can see exactly how to use my script, so in this movie I unpacked four different RLPack targets with different enabled protection features.
Date: 09 Feb : 08:54
Filesize: 7.3 mb
Total Downloads: 410
(OllyScript - Scripts:)
RLPack 1.0 - 1.21 Unpacker v1.0
Author: LCF-AT
Date: 09 Feb : 08:53
Filesize: 82.76 kb
Total Downloads: 134
(OllyDbg Extra Tools & Utilities:)
LoadDLL+ 0.1
Author: EvOlUtIoN
A more advanced loaddll.exe that allows you to load DLLs into different memory locations, so you can rebuild relocations in an easy way.
Date: 06 Feb : 03:45
Filesize: 30.39 kb
Total Downloads: 272
(Cryptography Tools:)
Msieve 1.44 + GUI 1.1
Author: Jason Papadopoulos + Anogrganix
Factoring is the study (half math, half engineering, half art form) of taking big numbers and expressing them as the product of smaller numbers. If I find out 15 = 3 * 5, I've performed an integer factorization on the number 15. As the number to [more...]
Date: 05 Feb : 01:37
Filesize: 1.03 mb
Total Downloads: 4553
(IDA Pro Disassembler and Debugger:)
IDA Pro Disassembler 5.6
Author: Hex-Rays
IDA Pro is a programmable, interactive, multi-processor disassembler combined with a local and remote debugger and augmented by a complete plugin programming environment.
IDA Pro is in many ways unique. Its interactivity allows you to improve disa [more...]
Date: 04 Feb : 02:49
Filesize: 26.72 mb
Total Downloads: 3188
(Debuggers / Disassemblers:)
W32Dasm 10.0
Author: Killer
Note: This has been added to the database for posterity.
Software: anti-static compilation of the best tools!
List of new features:
1, custom syntax highlight colors, highlight certain keywords can use color display, Good!
2, can increase t [more...]
Date: 03 Feb : 02:28
Filesize: 555.37 kb
Total Downloads: 1056
(OllyScript - Editors:)
OllyScriptEditor 0.35
Author: BriteDream
An editor for creating and editing scripts which can be used with the OllyScript plugin for OllyDbg.
Date: 03 Feb : 02:09
Filesize: 12.38 mb
Total Downloads: 3764
(OllyDbg Plugins:)
OllyTiper 2.0
Author: Vptrlx
Totally remade and BUGFIXed by vptrlx.
OllyTiper is a plugin for OllyDbg v1.10, to improve OllyDbg's operation. Most of the content from the KanXue patch features the "to Ollydbg increase in operating functions useful shortcut keys," [more...]
Date: 03 Feb : 02:09
Filesize: 39.52 kb
Total Downloads: 733
(OllyDbg Plugins:)
Mapimp 0.7
Author: takerZ
This is an open source OllyDbg plugin which will help you to import map files exported by IDA or Dede. There are many plugins using which you can perform similar actions, but mapimp:
- Recognizes debugged file segments and applies names correctly
[more...]
Date: 26 Jan : 08:26
Filesize: 47.76 kb
Total Downloads: 531
(OllyScript - Scripts:)
MoleBox 2.xx Unpacker + OEP Finder v1.11
Author: Zhupf
Date: 20 Jan : 04:15
Filesize: 72.41 kb
Total Downloads: 431
(OllyScript - Scripts:)
eXPressor 1.8.0.1 Unpacker
Author: Pavka
Date: 20 Jan : 03:46
Filesize: 1.99 kb
Total Downloads: 179
(OllyDbg Plugins:)
HOlly 0.4 Build 90
Author: High6
This is my OllyDbg mod named HOlly. I will be constantly adding features as I require them or they are requested. Currently it only has a multiline assembler that needs some work but I would like some input.
So if I could get some input on the fol [more...]
Date: 19 Jan : 16:15
Filesize: 64.04 kb
Total Downloads: 886
(OllyScript - Scripts:)
LIPacker 1.0 OEP Finder
Author: Luck
Date: 19 Jan : 07:05
Filesize: 725 b
Total Downloads: 112
(OllyDbg Plugins:)
AnalyzeThis+ 0.24
Author: SMK
I made some improvements to AnalyzeThis mainly to analyze a memory section which originally reports "this section is not associated with any module".
....
Sometimes (especially when dealing with packers) you may need to run OllyDbg [more...]
Date: 12 Jan : 07:59
Filesize: 36.85 kb
Total Downloads: 760
(Debuggers / Disassemblers:)
P32Dasm 2.6
Author: Darker
P32Dasm is a VB PCode Decompiler. It can generate String, Numbers, Objects, Import and Export function listing. There is also Jump calculator. For NCode events is here offset listing for setting BPX. You can generate .map files which you can import t [more...]
Date: 08 Jan : 23:45
Filesize: 262.56 kb
Total Downloads: 1963
(Debuggers / Disassemblers:)
Syser Kernel Debugger 1.99.1900.1191
Author: Syser Software Inc
A core-level debugger with full-graphical interfaces and supports assembly debugging and source code debugging.
Syser Debugger is designed for the Windows NT Family which is based on the X86 platform. Syser Debugger is a core-level debugger with fu [more...]
Date: 08 Jan : 23:32
Filesize: 4.34 mb
Total Downloads: 210
(Debuggers / Disassemblers:)
Syser Win32 Debugger 1.99.1900.1191
Author: Syser Software Inc
A core-level debugger with full-graphical interfaces and supports assembly debugging and source code debugging.
Syser Debugger is designed for the Windows NT Family which is based on the X86 platform. Syser Debugger is a core-level debugger with fu [more...]
Date: 08 Jan : 23:25
Filesize: 1.55 mb
Total Downloads: 165
(Binary Analysis / Editing:)
PROTECTiON iD 6.3.5
Author: CDKiLLER & TippeX
Features:
- detection of every major PC ISO Game / Application protection
- currently covers 475 detections, including win32/64 exe protectors & packers, .net protectors, dongles, licenses & installers
- sector scanning CDs / DVDs for Copy Prote [more...]
Date: 07 Jan : 05:06
Filesize: 498.45 kb
Total Downloads: 3360
(OllyDbg Engines / Modifications:)
OllyDbg - EvO_DBG
Author: EvOlUtIoN
This is my version of OllyDBG. I removed all useless plugins and put my preferred ones, and also I set-up a good configuration. With it you should be able to load any protected file (Themida for example).
Sometimes you have to change some options [more...]
Date: 04 Dec : 03:09
Filesize: 1.84 mb
Total Downloads: 2443
(OllyDbg Engines / Modifications:)
OllyDbg 2.0.0.7 (Beta 3)
Author: Oleh Yuschuk
OllyDbg 2.0 is a 32-bit assembler-level analyzing Debugger with intuitive interface. It is especially useful if source code is not available or when you experience problems with your compiler.
Requirements. Developed and tested mainly under Windo [more...]
Date: 03 Dec : 07:10
Filesize: 1.08 mb
Total Downloads: 6985