Mac OS

Apple Mac OS X

Executable's strings lister and replacer 0.2.3a

this tool has the main purpose of finding any ASCII and unicode string inside PE and ELF executables with the possibility of modifying them using any external text editor and re-injecting them in the original executable.
technically the finding of the strings works in the following way: it disassembles all the executable sections of the input file (like .text, only x86 32 bit supported) and visualizes any string or any array of strings, so any instruction like push "string" or mov eax, "string" or mov eax, "[4*edx+array]" and so on is handled perfectly.instead the injecting of the modified strings back in the executable (ELF not supported) is performed through the adding of a new "stringz" section which contains all the new strings and the substituting of all the pointers to those strings collected in the "finding" operation with the new ones (relocation).the tool can be also used as a quick and advanced strings program (the one available on *nix) with the difference that the strings found by exestringz are not casuals but are found and confirmed by the disassembled code avoiding false positives.anyway through the -b option the tool can acts exactly like the strings program and naturally can also re-import the modified strings.there is also an "experimental" option specific for the Asian utf8 which was also the reason of the initial creation of this tool for the translating of a Japanese game.note that for obvious technical reasons is not possible to export and re import ever all the strings for any executable because in some cases (usually with big programs) could be generated false positives, anyway the output file generated by the tool is very easy to understand and edit so it's not a problem.

technical limitations:

Offbreak 0.3.3 (offbreak)

tool for monitoring the offsets of specific files read and written by a target program and breaks its execution for debugging it.
Offbreak can set an INT3, set an hardware and software breakpoint, automatically attach the system debugger and display a MessageBox when the monitored files and offsets are handled by the make the debugging more easy, Offbreak sets some registers to show the buffer containing the data read/written, the amount of bytes in the operation, name of the API and full name of the file.
additional information are available at runtime.

Dr. Memory

Dr. Memory is a memory monitoring tool capable of identifying memory-related programming errors such as accesses of uninitialized memory, accesses to unaddressable memory (including outside of allocated heap units and heap underflow and overflow), accesses to freed memory, double frees, memory leaks, and (on Windows) handle leaks, GDI API usage errors, and accesses to un-reserved thread local storage slots.

Dr. Memory operates on unmodified application binaries running on Windows, Linux, Mac, or Android on commodity IA-32, AMD64, and ARM hardware.

Dr. Memory is built on the DynamoRIO dynamic instrumentation tool platform.

The LLDB Debugger

LLDB is a next generation, high-performance debugger. It is built as a set of reusable components which highly leverage existing libraries in the larger LLVM Project, such as the Clang expression parser and LLVM disassembler.LLDB is the default debugger in Xcode on Mac OS X and supports debugging C, Objective-C and C++ on the desktop and iOS devices and simulator.All of the code in the LLDB project is available under the standard LLVM License, an open source "BSD-style" license.

LLDB currently converts debug information into clang types so that it can leverage the clang compiler infrastructure. This allows LLDB to support the latest C, C++, Objective C and Objective C++ language features and runtimes in expressions without having to reimplement any of this functionality. It also leverages the compiler to take care of all ABI details when making functions calls for expressions, when disassembling instructions and extracting instruction details, and much more.

The major benefits include:

Up to date language support for C, C++, Objective C
Multi-line expressions that can declare local variables and types
Utilize the JIT for expressions when supported
Evaluate expression Intermediate Representation (IR) when JIT can't be used


Valgrind is an instrumentation framework for building dynamic analysis tools. There are Valgrind tools that can automatically detect many memory management and threading bugs, and profile your programs in detail. You can also use Valgrind to build new tools.

The Valgrind distribution currently includes six production-quality tools: a memory error detector, two thread error detectors, a cache and branch-prediction profiler, a call-graph generating cache and branch-prediction profiler, and a heap profiler. It also includes three experimental tools: a stack/global array overrun detector, a second heap profiler that examines how heap blocks are used, and a SimPoint basic block vector generator. It runs on the following platforms: X86/Linux, AMD64/Linux, ARM/Linux, ARM64/Linux, PPC32/Linux, PPC64/Linux, PPC64LE/Linux, S390X/Linux, MIPS32/Linux, MIPS64/Linux, TILEGX/Linux, X86/Solaris, AMD64/Solaris, ARM/Android (2.3.x and later), ARM64/Android, X86/Android (4.0 and later), MIPS32/Android, X86/Darwin and AMD64/Darwin (Mac OS X 10.10, with initial support for 10.11).

Valgrind is Open Source / Free Software, and is freely available under the GNU General Public License, version 2.

DBG | PHP Debugger and Profiler.

General features:

native debugger. Works transparently, neither script nor PHP engine modifications required.
server part (dbg module) runs on all platforms where PHP itself runs.
works transparently across the global network as well as locally.
JIT. When enabled it can start debugging Just In Time when an error happens.
supports back-trace, e.g. displays a list of all procedures with their local variables, the current execution position reached from. In other words you can watch local variables or function parameters in all active and nested scopes.
certainly, you can execute script in the debugger step by step (step-in, step-out, step-over, run to cursor, change execution point withing current scope...), evaluate any valid php expression(s) or inspect arrays, classes and simple variables, modify their values on the fly and even create any new variables. Dbg supports conditional breakpoints and even global ones (commercial version only). Breakpoints can be skipped specified number of times.
allows to change execution point (commercial version only).
has embedded profiler, so now it's easy to find out a bottleneck in the scripts.
allows multiple debugger processes running simultaneously.
compatible with php-4.0.6 and higher (commercial is compatible with php 4.3 and higher).
has open COM interfaces for integration with win32-based 3rd party IDEs.
Commercial version of DBG (3.x) is available with commercial version of PhpED PHP IDE only, see review for details.
Linux, BSD, SunOs, MacOs and Win32 platoforms are supported.
Free version (2.15) is available on this site. It works with PHP Edit, PHP Coder and some other IDEs.
Free dbg front-end (dbg-cli) for Linux/Unix can be used to debug scripts either directly or under DDD 3.3.9 (GNU debugger). Also see RedHat 7.3, YellowDog and Mandrake distributions at RPM Find site.

Opera Dragonfly

Opera Dragonfly is built right into the browser and updates automatically behind the scenes. Launch Opera Dragonfly with Ctrl + Shift + I on Windows and Linux, or ⌘ + ⌥ + I on Mac. Alternatively, you can target a specific element by right-clicking in the page and selecting “Inspect Element”.

Fully loaded
A full suite of tools puts you in control. Step through your code, manipulate the DOM, monitor network traffic, search for what you need, filter away what you don’t, and a whole lot more. Whether you are a developer or a designer, Opera Dragonfly has the tools to keep you covered

Develop for mobile, tablet or TV? Opera Dragonfly has that covered too. Remote debugging allows you to connect to the Opera browser on your device and to start debugging from your PC or Mac. All the features are available, so you don’t need to compromise.


FusionDebug an interactive step debugger for CFML, compatible with Adobe ColdFusion, Railo and Lucee. It enables developers to step through code line-by-line, step into, over or out of code to better understand how code is running.

No code changes.
Can debug Flex, Ajax, Web Service and Flash Remoting requests.
Change variables on the fly.
Debug requests from any user.
Debug complex applications.
View stack traces.



LFI_Fuzzploit is a simple tool to help in the fuzzing for, finding,and exploiting local file inclusions in Linux based PHP applications. Using special encoding and fuzzing techniques lfi_fuzzploit will scan for some known and some not so known LFI filter bypasses and exploits using some advanced encoding/bypass methods to try to bypass security and achieve its goal which is ultimately, exploiting a Local file inclusion.In addition to LFI_fuzzploit's fuzzing and encoding techniques, it also has built in methods for LFI exploitation including /proc/self/environ shell exploit, File descriptor shell and LFI shell via log injection. LFI_fuzzploit injects code using different command injection functions in the event that certain functions are disabled. Coded by nullbyt3.


FTimes is a system baselining and evidence collection tool. The primary purpose of FTimes is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis.FTimes is a lightweight tool in the sense that it doesn't need to be "installed" on a given system to work on that system, it is small enough to fit on a single floppy, and it provides only a command line interface.Preserving records of all activity that occurs during a snapshot is important for intrusion analysis and evidence admissibility. For this reason, FTimes was designed to log four types of information: configuration settings, progress indicators, metrics, and errors. Output produced by FTimes is delimited text, and therefore, is easily assimilated by a wide variety of existing tools.FTimes basically implements two general capabilities: file topography and string search. File topography is the process of mapping key attributes of directories and files on a given file system. String search is the process of digging through directories and files on a given file system while looking for a specific sequence of bytes. Respectively, these capabilities are referred to as map mode and dig mode.FTimes supports two operating environments: workbench and client-server. In the workbench environment, the operator uses FTimes to do things such as examine evidence (e.g., a disk image or files from a compromised system), analyze snapshots for change, search for files that have specific attributes, verify file integrity, and so on. In the client-server environment, the focus shifts from what the operator can do locally to how the operator can efficiently monitor, manage, and aggregate snapshot data for many hosts. In the client-server environment, the primary goal is to move collected data from the host to a centralized system, known as an Integrity Server, in a secure and authenticated fashion.

Syndicate content