#include "khanin.h"

BinText - Finds Ascii, Unicode and Resource strings in a file
Bokken - GUI for the Pyew malware analysis tool
Capture-BAT - Tool to monitor the state of a system during the execution of applications
CEnigma - A web-based tool helping to disassemble hexcode to assembly
CFF Explorer - PE Editor
DarunGrim - Binary diffing tool
Detect It Easy(DiE) - a packer identifier
dump.py - Dumps a PE from VirtualAlloc/VirtualProtect
DumpIt by MoonSols - A tool to perform raw memory dumps to a file on Win 32/64bit
Exeinfo PE - Packer, compressor detector
fciv - File Checksum Integrity Verifier utility
Fpipe - TCP or UDP port forwarder/redirector
GMER - An application that detects and removes rootkits
Hopper - A reverse engineering tool for OS X and Linux
HxD - Hex Editor and Disk Editor
Hybrid Analysis - Free malware analysis service
IAT Patcher - Persistent IAT hooking tool, based on bearparser (works for PE 32/64 bit)
IDA Pro - Disassembler and debugger
Immunity Debugger - Write exploits, analyze malware, and reverse engineer binary files
Kali Linux - Advanced Penetration Testing Linux Distribution
OllyDbg - 32-bit assembler level analysing debugger
PE Explorer - View, Edit, and Reverse Engineer EXE and DLL Files
PE-bear - Portable Executable reversing tool
pestudio - Perform static analysis of 32-bit and 64-bit Windows executable files
pev - PE file analysis toolkit
PEview - PECOFF structure viewer
pyew - Python tool to analyse malware
radare - Radare is a portable reversing framework
REMnux - A Linux Toolkit for Reverse-Engineering and Analyzing Malware
Scylla - x64/x86 Imports Reconstruction
The Backdoor Factory - Patch executable binaries with user desired shellcode
Vmss2core - A tool to convert VMware checkpoint state files into formats that third party debugger tools understand
Volatility Framework - Memory analysis and forensics
VT Hash Check - Let's you right click on file in Explorer and check VirusTotal scores
WinAPIOverride - API monitoring software for 32 and 64 bits processes
Wireshark - Network protocol analyzer
x64_dbg - An open-source x64/x32 debugger for windows
YARA - The pattern matching swiss knife for malware researchers

} // Malware::Tools

Malware::Recommended Training and Resources {

5 Steps to Building a Malware Analysis Toolkit Using Free Tools - Lenny Zeltser
Analyzing Ransomware - STOP - by Michael Gillespie (Demonslay335)
Blackout: What Really Happened - Jamie Butler and Kris Kendall (Code Injection Examples)
Channel9: Defrag Tools (Show of 100+ Episodes) - Deep dive into the tools used to troubleshoot systems
Dr Fu's Malware Analysis Tutorials - A Reverse Engineering Approach
Exploiting Simple Buffer Overflows on Win32 - 6 Sample Videos
Import Mechanisms and Intermodular Calls - IAT explained
Introduction to Malware Analysis - Free Recorded Webcast by Lenny Zeltser
License to Kill: Malware Hunting with the Sysinternals Tools - Mark Russinovich
Life of Binaries (Main page) - Open Security Training by Xeno Kovah
Life of Binaries (YouTube Playlist) - Open Security Training by Xeno Kovah
Looking to expand your forensics and security skills? - Recommended reading list by Andrew Case
Malware Analysis - 1 Hour presentation by Bill Buchanan
Malware Attribution - Blackhat 2010 Greg Hoglund
malware filetype:pdf site:blackhat.com - Blackhat presentations on Malware
Malware Reversing Part 1 - Reverse2Learn blog
Manual Unpacking of UPX packed PE - Using OllyDbg (video included)
Memory Forensics With Volatility on REMnux - By Luis Rocha (Count Upon Security)
Offensive Computing - Tools, Reversing Articles, Samples, etc
OpenRCE - Open Reverse Code Engineering community
Patching Windows Executables With The Backdoor Factory - DerbyCon KY 2013 Joshua Pitts
PE 32-bit Structure - SVG image (zoom down to 50%)
PE File 101 - Large resolution PNG
PE File 102 - Large resolution PNG
PE File Layout - x86 Disassembly/Windows Executable Files
PE TimeDateStamp Viewer - Discover all occurrences of TimeDateStamps in a PE executable
Peering Inside the PE - A Tour of the Win32 Portable Executable File Format
Popular OllyDbg & Reverse engineering videos - YouTube Playlist
Practical Malware Analysis - Blackhat 2007 Kris Kendall
Prevalent Characteristics in Modern Malware - Blackhat 2014 Gabriel Barbosa and Rodrigo Branco
Protection Rings - aka Hierarchical protection domains
Reverse Engineering 1 - Alex Sotirov, Fall 2011
Reverse Engineering Malware 101 - by Malware Unicorn
Reverse Engineering PE Files - Visual Documentation by Corkami
reverse-engineering.info - Robert Yates and others
Reversing the Inception APT malware - Blue Coat Labs
SANS Digital Forensics and Incident Response - Blog
Unmasking Careto through Memory Analysis - SecTor 2014 presentation by Andrew Case
Userland API Monitoring and Code Injection Detection - by @0x00sec
Using CreateRemoteThread for DLL Injection on Windows - Tutorial w/ Code
Virtualized Network Isolation for a Malware Analysis Lab - by Lenny Zeltser
Windows syscall numbers extraction - by Simone Margaritelli

} // Malware::Recommended Training and Resources

Malware::Acronyms {

} // Malware::Acronyms

Programming

Programming::Tools {

} // Programming::Tools

Programming::Recommended Training and Resources {

. vs -> in C++ - Stackoverflow Answer
Are pointers and arrays equivalent in C? - Eli Bendersky
Awesome C/C++ - A curated list of awesome C/C++ frameworks, libraries, resources, and shiny things
AwesomePerfCpp - A curated list of awesome C/C++ performance optimization resources
Big O notation explained - Stackoverflow Answer
Bo Qian's C++ Programming Videos - Excellent C++ training
C++ vtables - how clang implements vtables & RTTI
Classic Console TTF - 8x16 Fixed Width Font
CppCon - YouTube Playlist
Dive into C++11 - Vittorio Romeo
How statically linked programs run on Linux - Eli Bendersky
Intro to the C++ Object Model - CppCon 2015: Richard Powell
Introductory Intel x86: Architecture, Assembly, Applications - Videos from Xeno Kovah's 2 day "Introductory x86" Fall 2010 class
Mysteries of Memory Management Revealed, part 1 of 2 - Mark Russinovich
Mysteries of Memory Management Revealed, part 2 of 2 - Mark Russinovich
Pointers to Member Functions - isocpp FAQ
Pointers to pointers - Why/when to use double pointers?
The Definitive C++ Book Guide and List - Stackoverflow Answer
Understanding lvalues and rvalues in C and C++ - Eli Bendersky
What Every Programmer Should Know About Memory - 2007 Ulrich Drepper
What is ":-!!" in C code? - Stackoverflow Answer
Windows Kernel Architecture Internals - PDF by Dave Probert, MSRA/UR Workshop � Beijing, China 2010
Windows X86-64 System Call Table - (NT/2000/XP/2003/Vista/2008/7/2012/8)
__telemetry_main_invoke_trigger and __telemetry_main_return_trigger - ETW logging automatically added by VS2015 to C/C++ programs

Malware Analysis & Reversing

Malware::Tools {