Tools

Disassemblers

• Ida

• Radare

• Capstone

• Ghidra

Debuggers

• x64dbg

• Immunity

• OllyDbg

• WinDbg

Decompilers

• Snowman (Integrated with x64dbg)

• dotPeek .NET decompiler

Information Gathering

• CFF Explorer - PE header parser

• PE Explorer - PE inspection tool

• BinText - Extract string from a binary

• Sysinternals Suite

• procmon

• procexplorer

• InetSim: Internet Services Simulation Suite

• Yara: pattern matching rule engine

• Wireshark - network sniffing

• API Monitor

Helpful Websites

• virustotal.com - free service that analyzes suspicious files and URLs

• malwr.com - Malwr is a free malware analysis service

• hyrbid-analysis - free malware analysis service

• whois.domaintools.com - look up domains

• robtex.com - free DNS lookup tool

• www.debuggex.com - Online Visual Regex Tester

Support

• HxD Hex Editor

• Python - used for automating tasks