SYNALYZE IT PRO VS STANDARD MAC OS XThese add to the existing support for the standard Intel platforms of Mac OS X and Windows binaries, making this an all around useful tool for doing the basics. SYNALYZE IT PRO VS STANDARD 64 BITThe newest release supports ARM, 32 & 64 bit ELF and iOS Mach-O. SYNALYZE IT PRO VS STANDARD CODEIn terms of use, the tool does exactly what you expect from the description – it disassembles binaries into assembler and makes exploration of the deeper nuances of the code accessible. The app store link for the tool, in case you want to check it out, is here. If you hack stuff, reverse stuff or study malware on the Mac, the $60 price point is likely to make this a big winner for your budget. It is even mid-line in price, coming in between Olly, which is free, and IDA Pro which can run over a thousand dollars per license. It is more accessible on the mac than firing up a VM and using the venerable OllyDbg and the interface is quite a bit more elegant and user friendly. The tool is essentially a mid-line tool for working to reverse engineer code. SYNALYZE IT PRO VS STANDARD FOR MAC OSI have recently been playing with Hopper, a disassembler for Mac OS X, quite a bit. Posted in End-user Focused, General InfoSec, Malware, Tool Review | Tagged mac, malware research, OS X, reverse engineering, tools | Leave a reply Tool Review: Hopper Disassembler for OS X PS – MSI has no affiliation or relationship with the product and/or the developers. The product retails for $25 in the App Store and a non-Pro version is available for $5 – however, note that it lacks many features of the Pro version that make it such a useful tool. The link to the App Store has a variety of screenshots of the product if you want to check it out. However, the feature is still excellent and the tool remains a very powerful addition to our toolbox. It might be easier for beginners to learn to master this capability if an set of quick and easy tools were easily available without a bunch of menu navigation. The grammar definition could lend itself to a better toolbox in the GUI. I still need to practice a bit more with the grammar definition mechanisms, but I can see where this will grow the product’s usefulness rapidly. This is an easy to use, intuitive and powerful mechanism for reversing. The real power of the tool is in the creation of the “grammar files”. I really thought this would work, but could not seem to selections to “stick” so that I could add multiples. Additionally, I would really like it if you could get realtime updates, but with a mechanism for selecting multiple data elements and not just single strings. For one, I would like to see additional checksum mechanisms added and perhaps even an interface for creating your checksum scripts or equations. However, I do have a couple of things I would like to see as future features for this capability. This makes it pretty easy to figure out if different fields are included in the protocol’s checksum activities and leads to faster, cleaner reversing. This feature displays a wide variety of checksums for the data that is highlighted and updates the checksums in realtime. In my recent protocol work, this was a feature I used over and over again to identify various components of the data stream and figure out how each was encoded as a part of a bigger puzzle.Īnother feature we have come to love is the “Show Checksums” feature. This makes reversing simple encoding on text as easy pie and as quick as swatting a fly. This brings up a window in which the highlighted data is run through a bunch of encoding/decoding schemes and presented to you both as ASCII and as hex. My favorite feature of the tool is available by highlighting some piece of data and right clicking to bring up a menu, then selecting “compare code pages”. Recently, we have been doing quite a bit of protocol testing in the lab and this tool has proven itself again and again as invaluable. While this might sound basic, it is amazingly useful for performing reverse engineering of protocols and other deep-level analysis tasks of textual data. Namely, it lets you “lasso” different bits of text and highlight them in different colors. This tool is a hex editor with some very very useful features in the GUI. Synalyze It! Pro is another invaluable tool that we depend on. Earlier this week, we reviewed our favorite disassembler, Hopper for OS X. Rounding out this week with another tool review for the Mac under OS X.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |