ReverseKit is a comprehensive toolkit designed to aid reverse engineers in the process of dynamic RE. With a wide range of features and functionalities, it provides an easy-to-use interface and helps you intercept, analyze, and manipulate code and data during runtime.
Features •
Getting Started •
Usage
Contributing •
License •
Showcase
- Imports information - along with DLL name, function name, and address.
- Intercept all commands executed - system(), ShellExecuteEx(), etc.
- Intercept all thread creations - APIs like std::thread, CreateThread(), etc.
- Intercept URLs - APIs like UrlDownloadToFileA and InternetOpenUrlA, etc.
- Threads - lists thread ids along with cpu usage, allows you to suspend them with a button.
- Bypass common debugger checks - CheckRemoteDebugger() and IsDebuggerPresent().
- Easy-to-use interface powered by ImGui.
- Hook library with a normal JMP hook and trampoline hook.
To get started with ReverseKit, you can clone this repository and build the project. Once the build is complete, you can inject the tool and start using it to analyze binaries.
ReverseKit provides a user-friendly interface that enables you to easily intercept, analyze, and manipulate code and data during runtime. With the wide range of features and functionalities, you can:
- Monitor and intercept system calls and API functions
- Monitor CPU usage by active threads and option to suspend
- Analyze network traffic and intercept URLs
- Analyze and manipulate thread creations
- Hook into binary code and redirect execution flow
- Bypass common debugger checks
We welcome contributions from the community. If you find a bug or have an idea for a new feature, please open an issue or submit a pull request.
This project is licensed under the terms of the MIT license.
