Fravia's little learning tools
special tools


Updated September 1999
I'm restructuring this, bear with the 404s

[official +HCU tools] ~ [useful tools] ~ [good 'tooling' pages]  
There is not a single cracked or pirated copy of software on this or any other page of my site. There are not even links to pirated or cracked copies. There is no need, since you will learn not only how to understand, reverse and modify any software you fancy but also how to find on the web everything you want (BTW, if you do not know how to search the web, leave this cracking stuff alone for a while, go learn "searching" and come back only when you are done
You'll therefore find here only shareware (uncracked) or our own programs, or programs so old and obsolete that nobody cares for them (but us).
OK, now listen carefully: the main tools you need to reverse engineer like a glove any software application that crosses your path are mainly the following ones:

official
Official +HCU tool
1) Softice THE debugger! Fetch it already cracked from everywhere (but my site), or get it ftpmailed in one of its complete versions, or download a trial (or complete) version from numega's own site (search the ftp) and crack the time limit of its trial versions using +HCU's project2, or either buy it: it's an INCREDIBLY good tool, it deserves to be paid for. Softice for DOS, Windoze95 and NT in its various versions is the OFFICIAL +HCU debugger since 1997. Btw, there is NO NEED to have always the absolute last version of any program, even if the last version 4 promises some inetersting web-debugging possibilities, you'll still go quite a long way with good old (and stable) sice 3.25!
Hope it's not necessary to recall you that you can make MACROs with Softice, here a nice couple by Incubus++:
macro PARAMS = "dd ss:esp+4" and then bpx GetDlgItemTextA DO "PARAMS"
or else
macro GETTEXT = "db (ss:esp+4)->8" and then bpx GetDlgItemTextA DO "GETTEXT"


official
Official +HCU tool
2) BRW, Borland resource Workshop version 4.5, fetch it from the web, get it from a "real" programmer or buy it, as you like. (Well, you won't need to buy it... a lot of magazine's cover CD have carried for next to free the COMPLETE copy of Borland C++ version 4.5 -see my blackboard- and you'll get this phantastic tool there!). BRW beats SRS and beats WRE (the resource editors of the concurrence) and therefore is the OFFICIAL +HCU resource editor 1997.

official
Official +HCU tool
~
great reversing wizard
Ilfak Guilfanov
3) IDA (Interactive disassembler, by Wizard Ilfak Guilfanov) version 3.7 is THE tool you need to work. Quine's essays have underlined its incredible performance capacities. This IS the OFFICIAL +HCU disassembler 1997. Crack the demo version using Quine's essays, fetch a regged version from the web or buy a copy of it, Guilfanov deserves it, he's a great programmer!

official
Official +HCU tool
4) Wdasm (version 8.9), fetch a demo versions from the web and crack it using the students' essays that you'll find it inside +HCU's Project 0, or fetch a real complete version from the web, or buy it (it's a good tool, it deserves it :-)

Hope it is not necessary to recall you that wdasm (8.9) is also a good debugger, not only a disassembler...
If you use it as a debugger (as you should at times :-) just load the process, then use the "goto code location" option in the MAIN top window to go to the part of code you want to breakpoint into, then use F2 to breakpoint there (see the yellow box), then, in the smaller "right" debugging window, DO NOT FORGET to checkmark the first four boxes:
 Enable Documented API Details  (default)
 Eable Undocumented API Details
 Enable Local Function Details (VERY IMPORTANT!)
 Stop Auto on API

And now you'r set for some wonderful debugging sections with wdasm. Watch the "left" debugging window and the API calls while you just "step over" on the 'right' debugging window... and you'll see!

5) An Hexeditor, we use mostly PSEDIT (DOS, powerful) or Hexworkshop (Windoze), you'll find hexeditors everywhere and you'll crack all sorts of hexeditors reading +HCU's Project 1.
Many crackers find hiew_565.zip a very useful hexeditor.

6) Filemon & Regmon & Vxdmon... shareware (with source code!). You'll find them for download on my own site too, see below. Once you use and understand the utility of filemon you may also want to check my essay about filemon reverse engineering" too!

7) A good wordprocessor (MS-Word 97 won't do for huge files, I use old powerful Wordperfect version 4.2 (DOS) or Ultraedit (Windoze)

8) A brain, see if you manage to find one somewhere
All other tools on this page may be very useful as well at times... download what you fancy and enjoy!
Forgotten realms

Hey! I almost forgot... actually when you'll have to perform real work "inside the dark codewoods" you could need this Muster as well)

Tools to calculate inter alia in Hexadecimal

Hey! I almost forgot... actually when you'll have to perform real work "inside the dark codewoods" you better use the BEST TOOL for our calculations: base calculator (ver 1.3) by John Zaitseff (GNU freeware!) as well (zipped: 148.156 bytes)

Hey! I almost forgot... actually when you'll have to perform real work "inside the dark codewoods" you could need this base converter as well (An Hexworkshop add-on: zipped: 58.717 bytes)
Tools to catch a window (or box) through its DIMENSIONS

Hey! I almost forgot... actually when you'll have to crack windows that have a predefinite width and height you could need this ruler as well (zipped: 24.323 bytes)

Well, actually, even better... when you'll have to crack windows that have a predefinite width and height you could use this winshow utility as well (zipped: 57.958 bytes), the original module has been ameliorated by Frog's Print, porting it to hexvalues inter alia, and you'll find his version inside this zip as well
Tools to fish strings

Hey! I almost forgot... actually when you'll have to find and extract strings in unicode from your targets you could need this peek utility as well (zipped: 24.323 bytes)

Other pretty good pages for "tooling"
Just a small choice... everything is on the web!

Some VERY good tools for stalking (inter alia) on the Basilisk's red_ball tools page
Some good tools for hexediting (among other things) on red_ball LordSomer's page
Couple of good tools for Windows95 Registry (thoroughly explained) on red_ball Michael's page
Tools for Virus programming (which is useful in order to learn Assembly) on red_ball Jwool's page
Very good tools on a very good page, at red_ballMammon's
Very good tools on a very good page, at red_ballStone's
Tools and icecreams (quite a lot) on red_ball Aesculapius' page
Tools and icecreams (quite a lot) on red_ball ACP's main page
One of the best sites that you'll find for tooling around is LordCaligo's main page

__Tools you'll find HERE on my page__

I know that some of the following links are down... Censorship and syn-attacks have broken some minor "luggage" pages of mine... I'm repairing everything (albeit slowly)... but you'll be able to find the missing tools elsewhere using these NAMES and performing an archie search or a ftp search


spray asm 5.623 the *TOOL* to dump memory... +ORC's recommended
stepdos zip 19.088 intercept the int_21... zipped with the stepdos.asm file!... +ORC's recommended
int13 asm 16.253 for those annoying disk accesses
sniff zip 9.699 I made this tool myself... a brute "sniffer" for "dead" files
memscan zip 9.492 the first "visual" cracker tool... +ORC's recommended
kgb zip 6.137 Horak's masterpiece for intercepting interrupts... zipped with the *.asm file!... +ORC's recommended
map zip 23.959 Clockwork's MAP... complete with Nigel nagscreens... crack it with +ORC's lesson 3.2
psedit zip 67.308 Psedit version 4.4., by Gary Craider... +ORC's recommended
codebar zip41.103The key to the magic world of barcodes (see +ORC's lesson C.1)
joetools zip 90.702Tools & Files you need for Uncle Joe's Crackbook - UNP is also here
Resdump zip11.889Little utility newbyes'll need to crack windows programs (see my Taskman lessons)

Hiew zip40.624 Learn how to use it... substitutes (and how!) DEBUG and SYMDEB*


Old PSP version 2.1430.046Ancient copy of Paint Shop Pro, useful for +ORC's lesson 9.2
ums1.zip125.493 A very old (uncracked) strategic game, see +ORC's lesson 3 in order to crack it yourself
Peek version 11 11.492 String extracting useful utility, gets Unicode strings inside windoze's targets too
hiew_565.zip 345.242 Hexeditor and more
watch.zip19.890Useful snooper utility by Mike Williams (Version 2)
symdeb.zip 40.624 Good old symdeb, what would we do without thee?

strings.zip40.624A Dos string utility that cuts the mustard


winshow.zip57.958fish a window through its width and height (Frog's Print modified version included :-)
cust.zip1.459.190The Customizer! Modify any window parameter! Send your own API calls! Play with grayed buttons! (Very easy Cinderella protection, ideal crack for newbies)
ucfpd114.zip63KA very powerful unpacker (not for beginners though)
isdcc.zip52KA powerful Installshield decompiler, by adq
grep.zip 4.620grep! The dos ported unix command! You learn to use this well (and you understand how these 4000 bytes works) and you'r almost a Perl/unix Fravia buff! :-)
POWERFUL OLD AND/OR FREE STUFF

A complete c compiler: turboc version 1 by Borland

turboc.zip (594.717 bytes pkunzip with the -d option)

A complete disassembled disassembler for your jokes and pokes!

dsasmsrc.zip 103 KbSang Cho's [pure C] "code for decoding": a complete disassembler with source code? Yeah!
dsassm02.zip 66 KbSang Cho's win32program disassembler: a complete disassembler with source code? Yeah!

A complete exe to c (old and beta) renderer

exe_2_c.zip 217.923, an old experiment made in Jerusalem :-)



__Some special tools on other pages__


wcb.zip 103.496 Windows Code Back disassembler... +ORC's recommended
Bizatch1 zip 96.674 The first WINDOWS95 virus! (Courtesy of Vlad) With source code!
Bizatch1 zip 96.674 Another copy
ida35b.zip 1.300.000 V 35b Russki GOOD Interactive Disassembler, the one that works with DOS4GW
pooldemo.zip 200.122 Download it and crack it with +ORC's lesson 1
dmpexe12.zip 38.234 This solves the problem of the new exe-packers: interacts with softice
dongspy.zip 27.304 Donglespy: to start studying dongle_cracking in Windows 95 (BTW:it's "pipeta!")
trackmem.zip 30.234 As the name says (+ORC recommended)
gwbasic 60.436 A very old Microsoft basic interpreter (Version 3.2): what for? Who knows ;-)?
filedump.zip 2?514 As the name says (+ORC recommended)
ia.zip 300.453 This is a copy of the IABROWSE.EXE program you should have cracked for the 1996 +HCU (see+ORC's lessons C1, C2 and C3), better than nothing, if you cannot find a complete CD-ROM with this protection scheme (You'll find ia.ini in my orc.htm page).


__Some OTHER powerful tools__

ivyspy.zip  52.913 Show me my heaps! pview95.zip 22.711 You thought ps.exe was a good killer?Mark Russinovich's register monitor! 102.536 Win95 OS is STUPID! have a look at what happens at your monstruous register (deep inside windows 95) every time a program runs! (Can be pretty useful for our trade :-) Tekfct95.zip! 516.442 Well, an INCREDIBLY useful tool for our trade! Don't forget to check the 'search' DLL facilities! gnb.zip 115.549 Not a tool: a very old (poor AI, yet very good for two humans) napoleonic strategic game! (needs quite some reverse engineering to find out its funny commands!) vxdmon.zip! 60.260 Well, virtual drivers need checking too! Mark Russinovich's File system monitor! 94.324 Have a look at how many files are accessed every time a (suspect) program runs! (a really useful tool for our trade :-)
I was so excited about this very good program that I completely reversed it, see my red_ballfilemon serie essays!


red_balluseful tools
red_ball homepage red_balllinks red_ball+ORC red_ballstudents' essays red_ball+HCU database red_ballanonymity red_ballcounter measures
red_ballCGI antismut red_ballcocktails red_ballsearch_forms red_ballAntiMicro$oft red_ballmail_Fravia
red_ballIs reverse engineering legal?

red(c) Fravia 1995, 1996, 1997, 1998, 1999. All rights reserved