Imm_PhantOm Plugin 1.54 January 24, 2009
Posted by reversengineering in Immunity Debugger, TOOLS.add a comment
Plug-in for concealment OllyDbg (plugin with the driver). Helps from following methods of detection:
// driver – extremehide.sys
[+] NtQueryInformationProcess.
[+] SetUnhandledExceptionFilter.
[+] OpenProcess.
[+] Invalid Handle.
[+] NtSetInformationThread.
[+] RDTSC.
[+] NtYieldExecution.
[+] NtQueryObject.
[+] NtQuerySystemInformation.
[+] Windows hide.
[+] GetProcessTimes.
[+] NtSetContextThread.
// plugin – PhantOm.dll
[+] PEB BeingDebugged.
[+] PEB NtGlobalFlag.
[+] GetStartupInfo.
[+] Process Heaps.
[+] GetTickCount.
[!] Protect DRx.
[!] Hide DRx.
[!] Fake Windows version.
[!] Custom Handler.
[+] BlockInput
http://vip-file.com/download/8d00af885300/PhantOm-Plugin-v1.54.7z.html
Immunity Debugger v1.73 September 17, 2008
Posted by reversengineering in DEBUGGER, Immunity Debugger, TOOLS.3 comments
from:http://debugger.immunityinc.com
We have put out the 1.73 release which is a maintenance release that has a few more bugfixes as well as a DLL injection function in the debugger API.
The list of changes are as follows:
- Immunity Debugger API
- Added inject_dll() method to load a DLL into the debuggee
- Bug Fixes
- Fixed pathing issue when updater.exe spawns debugger
- Fixed MemoryPage.getOwner() to return only the module name
- Fixed hang when opening Immlib-> Lib References menu item
You can upgrade your current Immunity Debugger by going to Help/Update
or directly downloading the new installer from
http://www.immunityinc.com/products-immdbg.shtml
Thanks for using Immunity Debugger, and all your patience while we resolved these last few issues.
Sincerely
Team Immunity
http://www.immunityinc.com
immSignSrch September 15, 2008
Posted by reversengineering in Immunity Debugger, TOOLS.add a comment
immSignSrch is a signatures scanner plugin for Immunity Debugger developed upon Luigi Auriemma’s signSrch ( diff ).
Features:
* Fast search engine
* It can recognize:
- tons of compression, multimedia and encryption algorithms
- many other things (like known strings and anti-debugging code)
* Signatures DB automatically updatable from the program itself and editable by hand
http://letitbit.net/download/e588eb499192/immSignSrch-v-0.5.rar.html
3 new plugins for Immunity Debugger September 11, 2008
Posted by reversengineering in Immunity Debugger, TOOLS.add a comment
http://letitbit.net/download/9fd9cc385862/IMMODbgScript.ENGLISH.1.65.zip.html
http://letitbit.net/download/1a16e7653572/IMMHideDebugger.v1.24.zip.html
http://letitbit.net/download/cb7132876126/IMM-PhantOm.v.1.30.zip.html
TLS callback for Immunity Dbg July 21, 2008
Posted by reversengineering in Immunity Debugger, TOOLS.add a comment
from :tuts4you
———-Break on TLS callback for Immunity Dbg———
1. Install plugin
2. Disable option “Warn when terminating active process” in “Security”
3. Load “tls.exe” (from example[test] directory) in to ImmunityDbg
http://letitbit.net/download/4db08d675274/TLS-Stopper-v0.1.rar.html
———————————————————-
(c) 0×0c0de 2008
Immunity Debugger 15 Scripts + 13 plugins April 5, 2008
Posted by reversengineering in Immunity Debugger, TOOLS.Tags: DEBUGGER, Immunity, plugins, Scripts
2 comments
15 Scripts for Immunity Debugger
13 plugins for Immunity Debugger
Analyze This 0.1 1 Joe Stewart 22.93 kb
Asm2clipboard 0.1 FatMike 18.71 kb
Cleanup Ex 1.12.108 Gigapede 28.36 kb
Crypto Scanner 0.5b Loki 17.82 kb
FullDisasm 1.71 BeatriX 26.64 kb
HideOD 0.17 Kanxue 20.51 kb
IsDebugPresent 1.4 SV 4.15 kb
ODBGScript 1.65 SHaG & Epsylon3 70.26 kb
OllyDbg PE Dumper 3.03 FKMA 87.96 kb
OllyDump 3.00.110 Gigapede 60.85 kb
PhantOm Plugin 1.20 Hellsp@wn & Archer 759.72 kb
Ultra String Reference 0.12 Luo 22.46 kb
Windows Maximizer 1.0 BoB 9.92 kb
