DNiD 2 (modified by mammon)
DNiD README:
---------------------------------
Basically the exact same tool as Rue once wrote, however;
his tool was outdated on many things such as no way to add
new signatures and so forth :(
So here is a new, modified version of his amazing tool with
a new twist; it now has the ability to load external databases
without much fuzz to it - it also includes a brand new byte-search
engine which allows true wildcard searches ;)
Included is a sample-database, from which you can see how you
can add new signatures ;)
Also, the design is written to resemble PEiD as much as possible of
one simple reason; simplicity of the mind, thus only the theme is
basically the difference between DNiD and PEiD ;)
TODO:
+Add complete x64 & x86 plugin support... (not PEiD ones, or native ones...)
+Add possibility of using different pattern-finder engines... (thx mr.eXodia for the idea)
+Add a simple hex-view window...
+++Got suggestions? Good, send them to me!+++
VERSION
- 2.0.3.0: (by mammon)
=======================
+Added a simple disassembly-view window...
+Added a simple error-report window...
*Fixed occuring errors on re-launching, due to parallelization...
*Changed so all Native DLL methods are located in 1 place...
*Changed compilation mode to x86 - and it still is able to scan x64 binaries...
- 2.0.2.0: (by mammon)
=======================
+Added complete PEiD plugin(s) support... (this is a bit buggy!)
*Fixed "Open File" issue... (thx Apuromafo)
*Changed the binary-search algorithm to now be
part of main-assembly... (less size!)
*Changed alot of the "foreach" loops with "Parallel"'s, instead...
- 2.0.1.0: (by mammon)
=======================
!!FIRST PUBLIC VERSION!!
*Changed search-engine algorithm to use multi-CPU,
which makes it waaaaay faster...
- 2.0.0.0: (by mammon)
=======================
*Re-coded from scratch by mammon...
+Added new search-engine... (faster...)
+Re-added external signature support...
+Added signature:
-> ConfuserEx
- 1.0: (by Rue)
=======================
+Added an icon...
-Removed external signature support...
+Added Multi-Scan form...
+Added Error reporting...
+Implimented shell extensions...
*Eazfuscator false-positive on CryptoObfuscator should be gone...
*You can now rescan dragged files...
+Added "Rescan" context item to signature textbox...
+Added signatures:
-> Yano v1.X
-> Maxtocode v3.X
-> Maxtocode v3.X Runtime
-> SmartAssembly v6.X
-> Codewall v4.X Evaluation
-> Codewall v4.X
-> ReNET-Pack
-> PECompact .NET v2.0 - v3.X (fixed)
- 0.12B: (by Rue)
=======================
-Removed broken ElecKey signature...
- 0.12A: (by Rue)
=======================
*Improved scan time with native C dll and added scan time section...
+Added signatures:
-> DotNet Reactor v3.X
-> Adept Protector v1.X
-> Adept Protector v2.1
-> Sixxpack v2.2
-> Sixxpack v2.4
-> Crypto Obfuscator For .Net v5.X
-> ElecKey (thanks High6)
- 0.10A: (by Rue)
=======================
*First public release...
(c)2010-2016 Rue, and mammon
download:
https://bitbucket.org/styx2007/mu.dnid/downloads
支持楼主!~{:301_1007:}dnid [财富]自述修饰:
---------------------------------
基本相同的工具,后悔曾经写道,然而;
他的工具在许多事情上都是过时的,比如没有办法补充
新签名等:(
所以这里是一个新的,修改后的版本,他的惊人的工具
一个新的转折点,它现在有能力加载外部数据库
没有太多的模糊它,它还包括一个全新的字节搜索
引擎,允许真正的通配符搜索;)
包括了一个示例数据库,从中可以看到你是怎样的
可以添加新的签名;)
同时,设计编写类似PEID尽可能的多
一个简单的理由,简单的头脑,因此只有主题是
基本上dnid和PEID的区别;)
待办事项:
+添加完整的x64和x86插件的支持…(没有PEID的或本地的…)
+增加使用不同的模式查找引擎的可能性…(谢谢mr.exodia的想法)
+添加一个简单的十六进制视图窗口…
+ +有什么建议?好的,送他们给我!+ +
版本
【2016 / 01 / XX ] - 2.0.3.0:(由财神)
=======================
+添加了一个简单的拆卸视图窗口…
增加了一个简单的错误报告窗口…
*修正发生错误重新启动,由于并行化…
*改变了当地所有的DLL的方法是位于1位…
*改变编译模式仍然是x86和x64二进制文件能够扫描…
【2016 / 01 / 17 ] - 2.0.2.0:(由财神)
=======================
+添加完成PEID插件(S)的支持…(这是一个bug!)
*固定的“公开文件”问题…(谢谢apuromafo)
*改变二进制搜索算法,现在是
主总成的一部分…(较小的尺寸!)
*改变了很多“foreach”循环“平行”的,而不是…
【2016 / 01 / 14 ] - 2.0.1.0:(由财神)
=======================
!首先公开版本!!
*改变搜索引擎算法,使用多处理器,
这使得它waaaaay更快…
【2016 / 01 / 12 ] - 2.0.0.0:(由财神)
=======================
*重新编码,从零开始的财神…
+添加新的搜索引擎…(更快…)
+重新添加外部签名支持…
+附加签名:
-> confuserex
【2011 / 07 / 08 ] 1:(由街)
=======================
+增加了一个图标…
•移除外部签名支持…
+增加多扫描形式…
+增加错误报告…
+实现外壳扩展…
* eazfuscator假阳性对cryptoobfuscator应该走了…
*你现在可以把文件扫描…
+添加“重新扫描”的上下文项签名的文本框…
+附加签名:
-> Yano V1。X
-> maxtocode V3 X。
-> maxtocode V3 X运行。
-> smartassembly V6 X。
-> codewall V4 X的评价。
-> codewall V4 X。
-> RENet包
-> PECompact .NET v2.0 V3。X(固定)
【2011 / 01 / 08 ] - 0.12b:(由街)
=======================
拆断eleckey签名…
【2011 / 01 / 08 ] - 0.12A:(由街)
=======================
*改进的扫描本地库的时间和增加扫描时间段…
+附加签名:
-> DOTNET反应堆V3。x [自然]
->善于保护V1。X
->善于保护器V2.1
-> sixxpack V2.2
-> sixxpack V2.4
->加密混淆的。网V5 X。
-> eleckey [ anycpu ](感谢high6)
【2010 / 12 / 30 ] - 0.10a:(由街)
=======================
*首次公开发行…
(C)2010-2016芸香,与财神
下载:
https://bitbucket.org/styx2007/mu.dnid/downloads
dnid_v2.0.3.0_2016.01.19.rar
581.51 KB,下载次数:1,下载积分:吾爱币- 1 CB
能不能飙句人话 SGC沉默 发表于 2016-1-21 14:51
能不能飙句人话
提升一下自己的素质和知识,不认识可以使用翻译程序,这些逆向工具很多都来自国外,不要回复无关内容。 看了2楼的话,笑死我了,支持楼主!~ 上面的意思是不是说这是个查壳工具!!! - 2.0.5.0: (by mammon)
=======================
+Added sample plugin... (works with both DNiD & PEiD!)
+Added small console-tool to set DNiD2 to Explorer's context menu...
+Added context menu to SecView - you can now directly Disassemble or
read any of the section in Hex...
+Added Debug Assertion on debug build on all methods...
*Fixed so project doesn't copy SharpDisasm to bin dir...
*Fixed plugins loader code...
*Changed plugins directory to load from; %dnid2_dir%\plugins\...
Also, pre-compiled download: https://bitbucket.org/styx2007/mu.dnid/downloads/2.0.5.0_2016.01.26.rar
NB: The build is failing on AppVeyor because it fails to add the "DllExport" package to the included Sample Plugin automatically... 新版本,不错。 这个真心不错
看了2楼的话,笑死我了,支持楼主!~
页:
[1]
2