Recent Posts
- Ctor conflicts
Fri, 29 Nov 2013
- MUI files under the hood
Wed, 14 Nov 2012
- Preparing a bugfix version of CFF Explorer
Thu, 25 Oct 2012
- Companies on the Verge of a Nervous Breakdown
Thu, 09 Aug 2012
- The biggest software delusions of the last decade
Thu, 22 Sep 2011
 
Recent Comments
- Comment on Filter Monitor 1.0.1 by Daniel Pistelli
Fri, 29 Apr 2016
- Comment on Filter Monitor 1.0.1 by Moci
Wed, 16 Dec 2015
- Comment on Ctor conflicts by Daniel Pistelli
Mon, 01 Jun 2015
- Comment on Microsoft’s Rich Signature (undocumented) by Guru Meditation
Fri, 22 May 2015
- Comment on Ctor conflicts by Harper
Tue, 19 May 2015
 
Readme
This section contains only very small utilities. If you're interested in more important programs, visit the products page. You will find freeware software like the Explorer Suite.
 
Utilities
Rebel.NET
Date: 1/1/2009  Author: Daniel Pistelli
Rebel.NET is a rebuilding tool for .NET assemblies which is capable of adding and replacing methods and streams. It's possible to replace only a limited number of methods or every method contained in a .NET assembly. The simplicity of Rebel.NET consists in the replacing process: one can choose what to replace. Rebel.NET is, mainly, a very solid base to overcome every .NET protection and to re-create a fully decompilable .NET assembly. As such, Rebel.NET has to be considered a research project, not an encouragement to violate licensing terms.
Phoenix Protector
Date: 1/1/2007  Author: Daniel Pistelli
A protection software for .NET assemblies. It provides obfuscation features like Name, String and Control Flow Obfuscation. The last feature is particularly important since it prevents the .NET assembly from being decompiled into an understandable language. The Name Obfuscation is provided with an exclusion list. Also there are some more features. The Phoenix Protector is the ideal solution for every .NET developer, due to its support of every kind of project and compatibility with every version of the .NET framework. If you want to know more, click on the product for a detailed presentation.
Filter Monitor
Date: 17/10/2009  Author: Daniel Pistelli
This utility can list kernel mode filters and also unregister them. Monitored filters are, for instance, registry filters, create process and thread notifications. FilterMon comes both for x64 and x86 and it should work on all Windows systems from Vista RTM to Windows 7 RTM. I can't guarantee that it will work on future versions of Windows as it relies heavily on system internals.
Driver List
Date: 09/10/2009  Author: Daniel Pistelli
Very small utility which lists the loaded drivers. The utility is 64-bit compatible and can generate a report file from the list.
VirtualReg Manager
Date: 23/05/2008  Author: Daniel Pistelli
VirtualReg Manager is a utility which creates virtual registry files and is also able to edit them through a regedit-like interface. It provides command line support for automation. Feel free to include this application in your freeware. Since it's a .NET assembly, it works on every Windows platform.
DynLogger
Date: 13/04/2008  Author: Daniel Pistelli
DynLogger logs all dynamically retrieved functions by reporting the module name and the requested function. It can come very handy when one wants to know a "hidden" function used by an application. I recycled the code of a bigger project to write this little application. It's a very small utility, but it might be of use after all. It was tested on XP and Vista, both x86 and x64. It works for .NET application as well. Just start the logging process, the log will be saved after you quit the monitored application.
Vista4Experts
Date: 13/04/2008  Author: Daniel Pistelli
Vista4Experts is kind of a treat for computer experts who don't want security center notifications, User Account Control dialogs, automatic Windows Defender scannings, automatic update installations (which cause you to reboot your system if you don't react quickly enough). People who want MSDN (or google) set as default search engine in the Internet Explorer search bar, who want the start menu power button to shut down the system instead of hibernating it, etc. These and many more fixes are included in Vista4Experts. All of these changes can be discarded, enabled or reversed. Vista4Experts is first the expert utility of its kind and works on every platform.
4GB Patch
Date: 29/11/2007  Author: Daniel Pistelli
This very little tool patches x86 executables in order to let them have 4GB (instead of only 2) of virtual memory on x64 platforms. This tool comes very handy for applications which need a great amount of virtual memory like games, 3D renderization, multimedia etc. To gain these 2GB, you just have to use this tool to patch the executable (*.exe file) of the software you want to have these additional GBs of virtual memory. It can be used by clicking on it and choosing the file or through command line (e.g.: "4gb_patch file.exe"). It automatically creates a backup copy of the original executable.
PE Detective
Date: 01/05/2007  Author: Daniel Pistelli
A freeware PE identifier. This tool was originally designed to be part of the Explorer Suite II, but it can be downloaded separately as well. The PE Detective can scan single PE files or entire directories (also recursevely) and generate complete reports. The PE Detective is deployed along with the Signature Explorer, which is an advanced signature manager to check collisions, handle, update and retrieve signatures.
WIM Installer
Date: 21/04/2007  Author: Daniel Pistelli
A little utility created to handle from a graphical interface and in a extremely easy way setups based on wim images. Regardeless if they have been released by microsoft or not.
ScreenWriter (Freeware)
Date: 14/05/2006  Author: Daniel Pistelli
This is a little freeware software which makes the writing of screenplays for TV and cinema very easy. It follows the standard american indentation rules and provides autocompletion for characters, places and day times. You can also export your scripts in various file formats.
.NET Generic Unpacker
Date: 07/03/2006  Author: Daniel Pistelli
This is a program to dump .NET packed applications. Of course no serious .NET protection relies on packing. In fact, this software shows how easily you can unpack a protected assemly. This .NET Generic Unpacker was written in a couple of hours and despite of the fact that it's very simple, it might turn useful having it: otherwise you have to unpack manually, which is also very easy.
SNSRemover
Date: 29/11/2005  Author: Daniel Pistelli
This tool removes the Strong Name Signature from .NET Assemblies. I had to code it since all the other tools over the internet didn't work correctly with the new .NET Framework 2.0, which was released a couple of days ago. This tool was coded in plain win32, so like the CFF Explorer it doesn't need the framework to run.
NoDel
Date: 04/05/2005  Author: Daniel Pistelli
Small utility I wrote for a friend of mine (who needed it for work), it preserves files from deletion in a directory that you choose.
AntiMida 1.0
Date: 10/04/2005  Author: Daniel Pistelli
The AntiMida 1.0. Here you find the project files and a compiled executable. For more information read the article.
 
Sources
Qt MetaData IDAPython Script
Date: 28/11/2008  Author: Daniel Pistelli
Little IDAPython script to extract Qt metadata from binary files. For more information about this source, read the article about Qt Internals & Reversing.
DisasMSIL
Date: 30/04/2008  Author: Daniel Pistelli
DisasMSIL is a free/open disasm engine for the Microsoft Intermediate Language (MSIL). You can use it any context you wish. There are no license restrictions. The only thing I ask you to do is to send me your bug fixes (if any). For more information about this project, read the article.
Small Application Wizard
Date: 21/8/2006  Author: Daniel Pistelli
A wizard designed for Visual Studio .NET (2005) to build small applications with just a few clicks. The package includes a small libc. If you're interested in knowing more about this project, read the article.
Manifest Resources Class
Date: 09/11/2004  Author: Daniel Pistelli
A Class to handle the Manifest Resource format. For more information read the article.
AntiWFP
Date: 09/11/2004  Author: Daniel Pistelli
The Anti-WindowsFileProtection. Here you find the project files and a compiled executable. For more information read the article.