added 8 new tools

README.md

@@ -1,62 +1,88 @@
 # Reversing Bits Cheatsheets
 
-Welcome to the **Reversing Bits Cheatsheets** repository! This collection provides comprehensive guides on various tools essential for assembly programming, reverse engineering, and binary analysis. Each cheatsheet offers installation instructions, usage examples, and advanced tips for different operating systems.
+Welcome to the Reversing Bits Cheatsheets repository! This collection provides comprehensive guides on various tools essential for assembly programming, reverse engineering, and binary analysis. Each cheatsheet offers installation instructions, usage examples, and advanced tips for different operating systems.
+
+Website: https://mohitmishra786.github.io/reversingBits/
 
-**Website:** https://mohitmishra786.github.io/reversingBits/
 
 ## Tools Included
 
 ### Assembly & Basic Analysis
-- **[NASM](src/nasm.md)**: A popular assembler for the x86 and x86-64 architectures.
-- **[GAS](src/gas.md)**: GNU Assembler, part of the GNU Binutils project, used for assembling AT&T syntax assembly.
-- **[objdump](src/objdump.md)**: A powerful tool for displaying information about object files.
-- **[Hexdump](src/hexdump.md)**: Used to display or dump binary data in hexadecimal format.
-- **[strings](src/strings.md)**: Extracts printable strings from files, useful for quick analysis.
-- **[file](src/file.md)**: Determines file type by examining its contents.
-- **[nm](src/nm.md)**: Lists symbols from object files.
-- **[readelf](src/readelf.md)**: Displays information about ELF (Executable and Linkable Format) files.
+
+- [NASM](src/nasm.md): A popular assembler for the x86 and x86-64 architectures.
+- [GAS](src/gas.md): GNU Assembler, part of the GNU Binutils project, used for assembling AT&T syntax assembly.
+- [objdump](src/objdump.md): A powerful tool for displaying information about object files.
+- [Hexdump](src/hexdump.md): Used to display or dump binary data in hexadecimal format.
+- [strings](src/strings.md): Extracts printable strings from files, useful for quick analysis.
+- [file](src/file.md): Determines file type by examining its contents.
+- [nm](src/nm.md): Lists symbols from object files.
+- [readelf](src/readelf.md): Displays information about ELF (Executable and Linkable Format) files.
+
 
 ### Debuggers & Dynamic Analysis
-- **[GDB](src/gdb.md)**: The GNU Debugger for debugging programs at the source or assembly level.
-- **[OllyDbg](src/ollydbg.md)**: A 32-bit assembler level debugger for Windows.
-- **[WinDbg](src/windbg.md)**: Microsoft's debugger for Windows applications.
-- **[QEMU](src/qemu.md)**: Emulator and virtualizer for cross-platform analysis.
-- **[Valgrind](src/valgrind.md)**: Tool suite for debugging and profiling Linux programs.
-- **[Unicorn](src/unicorn.md)**: Lightweight, multi-platform CPU emulator framework.
+
+- [GDB](src/gdb.md): The GNU Debugger for debugging programs at the source or assembly level.
+- [OllyDbg](src/ollydbg.md): A 32-bit assembler level debugger for Windows.
+- [WinDbg](src/windbg.md): Microsoft's debugger for Windows applications.
+- [QEMU](src/qemu.md): Emulator and virtualizer for cross-platform analysis.
+- [Valgrind](src/valgrind.md): Tool suite for debugging and profiling Linux programs.
+- [Unicorn](src/unicorn.md): Lightweight, multi-platform CPU emulator framework.
+
 
 ### Disassemblers & Decompilers
-- **[IDA Pro](src/idapro.md)**: Industry-standard disassembler and debugger.
-- **[Ghidra](src/ghidra.md)**: NSA's software reverse engineering suite.
-- **[Binary Ninja](src/binaryninja.md)**: Modern reverse engineering platform.
-- **[Hopper](src/hopper.md)**: Reverse engineering tool for macOS and Linux.
-- **[RetDec](src/retdec.md)**: Retargetable machine-code decompiler.
-- **[Radare2](src/radare2.md)**: Complete framework for reverse-engineering.
-- **[Rizin](src/rizin.md)**: Fork of radare2 with enhanced features.
+
+- [IDA Pro](src/idapro.md): Industry-standard disassembler and debugger.
+- [Ghidra](src/ghidra.md): NSA's software reverse engineering suite.
+- [Binary Ninja](src/binaryninja.md): Modern reverse engineering platform.
+- [Hopper](src/hopper.md): Reverse engineering tool for macOS and Linux.
+- [RetDec](src/retdec.md): Retargetable machine-code decompiler.
+- [Radare2](src/radare2.md): Complete framework for reverse-engineering.
+- [Rizin](src/rizin.md): Fork of radare2 with enhanced features.
+
 
 ### Binary Analysis Frameworks
-- **[Angr](src/angr.md)**: Python framework for binary analysis.
-- **[BAP](src/bap.md)**: Binary Analysis Platform for reverse engineering.
-- **[Capstone](src/capstone.md)**: Lightweight multi-architecture disassembly framework.
-- **[Dyninst](src/dyninst.md)**: Binary instrumentation and analysis library.
-- **[Frida](src/frida.md)**: Dynamic instrumentation toolkit.
-- **[PIN](src/pin.md)**: Intel's dynamic binary instrumentation framework.
+
+- [Angr](src/angr.md): Python framework for binary analysis.
+- [BAP](src/bap.md): Binary Analysis Platform for reverse engineering.
+- [Capstone](src/capstone.md): Lightweight multi-architecture disassembly framework.
+- [Dyninst](src/dyninst.md): Binary instrumentation and analysis library.
+- [Frida](src/frida.md): Dynamic instrumentation toolkit.
+- [PIN](src/pin.md): Intel's dynamic binary instrumentation framework.
+- [Binary Ninja Cloud](src/binaryninjacloud.md): Cloud-based reverse engineering platform by Vector 35.
+- [Cutter](src/cutter.md):  A free and open-source reverse engineering platform based on the QEMU emulator and the Capstone disassembly engine.
+- [Binary Analysis Tool (BAT)](src/binaryanalysistool.md): A framework for automated binary code analysis, providing a unified interface for various binary analysis tools.
+- [Miasm](src/miasm.md): A reverse engineering framework written in Python, focused on advanced binary analysis and code instrumentation.
+- [Triton](src/triton.md): A dynamic binary analysis framework based on PIN, providing a powerful constraint solver for symbolic execution.
+- [PEDA](src/peda.md): Python Exploit Development Assistance for GDB, enhancing the GDB debugger with additional functionality for reverse engineering.
+- [.NET IL Viewer](src/dotnetILviewer.md): A tool for analyzing .NET assemblies, allowing you to view the disassembled code and metadata.
+- [Snowman](src/snowman.md): A decompiler for x86/x64 binaries, providing a graphical user interface and support for multiple file formats.
+
+
 
 ### Malware Analysis & Security
-- **[YARA](src/yara.md)**: Pattern matching tool for malware analysis.
-- **[Zynamics](src/zynamics.md)**: Binary difference analysis tools.
-- **[Intel XED](src/intelXed.md)**: X86 encoder decoder library.
-- **[Spike](src/spike.md)**: Network protocol fuzzer.
-- **[FrEEdom](src/freedom.md)**: Binary analysis framework.
-- **[Diaphora](src/diaphora.md)**: Advanced binary diffing tool for IDA Pro.
+
+- [YARA](src/yara.md): Pattern matching tool for malware analysis.
+- [Zynamics](src/zynamics.md): Binary difference analysis tools.
+- [Intel XED](src/intelXed.md): X86 encoder decoder library.
+- [Spike](src/spike.md): Network protocol fuzzer.
+- [FrEEdom](src/freedom.md): Binary analysis framework.
+- [Diaphora](src/diaphora.md): Advanced binary diffing tool for IDA Pro.
+
+
 
 ## How to Use
-- **Installation**: Follow the OS-specific instructions in each cheatsheet for tool installation.
-- **Usage**: Each file contains usage examples, common commands, and advanced tips.
-- **Contributing**: If you have improvements or additional tools to add, please fork the repository, make your changes, and submit a pull request.
+
+- **Installation:** Follow the OS-specific instructions in each cheatsheet for tool installation.
+- **Usage:** Each file contains usage examples, common commands, and advanced tips.
+- **Contributing:** If you have improvements or additional tools to add, please fork the repository, make your changes, and submit a pull request.
+
 
 ## License
+
 This repository is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
 
+
 ## Acknowledgements
+
 - Thanks to the developers and communities behind these tools for their invaluable resources.
 - Contributions are always appreciated! Check the [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines on how to contribute.

index.html

@@ -159,7 +159,15 @@
             'valgrind': 'Valgrind',
             'windbg': 'WinDbg',
             'yara': 'YARA Pattern Matching',
-            'zynamics': 'Zynamics'
+            'zynamics': 'Zynamics',
+            'cutter': 'Cutter - Reverse Engineering Platform',
+            'binaryanalysistool': 'Binary Analysis Tool (BAT)',
+            'miasm': 'Miasm - Reverse Engineering Framework',
+            'triton': 'Triton - Dynamic Binary Analysis Framework',
+            'peda': 'PEDA - Python Exploit Development Assistance for GDB',
+            'dotnetILviewer': 'Dotnet-Offline-IL-Viewer', // Updated key
+            'snowman': 'Snowman Decompiler',
+            'binaryninjacloud': 'Binary Ninja Cloud'
         };
 
         // List of markdown files in order
@@ -198,7 +206,15 @@
             'src/valgrind.md',
             'src/windbg.md',
             'src/yara.md',
-            'src/zynamics.md'
+            'src/zynamics.md',
+            'src/cutter.md',
+            'src/binaryanalysistool.md',
+            'src/miasm.md',
+            'src/triton.md',
+            'src/peda.md',
+            'src/dotnetILviewer.md',
+            'src/snowman.md',
+            'src/binaryninjacloud.md'
         ];
 
         // Rest of the JavaScript remains the same

src/binaryanalysistool.md

@@ -0,0 +1,33 @@
+# Binary Analysis Tool (BAT) Cheatsheet
+
+BAT is a framework for automated binary code analysis, providing a unified interface for various binary analysis tools.
+
+## Installation
+
+BAT can be installed using pip:
+
+```
+pip install bat-framework
+```
+
+## Usage
+
+BAT allows you to perform various binary analysis tasks using a command-line interface. Here are some common commands:
+
+| Command | Description |
+| --- | --- |
+| `bat info <binary>` | Display basic information about the binary, such as architecture, file type, and entry point. |
+| `bat disassemble <binary>` | Disassemble the binary and display the assembly code. |
+| `bat strings <binary>` | Extract strings from the binary. |
+| `bat symbols <binary>` | List the symbols (functions, variables, etc.) in the binary. |
+| `bat xrefs <binary>` | Display cross-references (where a function or variable is used). |
+| `bat cfg <binary>` | Generate and visualize the control flow graph of the binary. |
+| `bat decompile <binary>` | Decompile the binary and display the high-level code. |
+| `bat emulate <binary>` | Emulate the execution of the binary. |
+| `bat taint <binary>` | Perform taint analysis on the binary. |
+| `bat angr <binary>` | Use the Angr framework for binary analysis. |
+| `bat radare2 <binary>` | Use the Radare2 framework for binary analysis. |
+
+You can also use BAT to write custom analysis scripts using Python. The framework provides a set of APIs for interacting with various binary analysis tools.
+
+For more detailed information and usage examples, please refer to the BAT documentation: https://bat-framework.readthedocs.io/en/latest/

src/binaryninjacloud.md

@@ -0,0 +1,32 @@
+# Binary Ninja Cloud: A Cloud-based Reverse Engineering Platform
+
+Binary Ninja Cloud is a cloud-based version of the Binary Ninja reverse engineering platform, offering collaborative analysis and cross-platform support.
+
+## Access Binary Ninja Cloud
+
+1. Sign up for a Binary Ninja Cloud account: https://cloud.binary.ninja/
+2. Log in to the Binary Ninja Cloud web application.
+
+## Key Features
+
+1. **Cross-Platform Support**: Binary Ninja Cloud can be accessed from any device with a web browser, allowing you to analyze binaries on multiple platforms.
+
+2. **Collaborative Analysis**: Multiple users can work on the same binary simultaneously, enabling collaborative reverse engineering.
+
+3. **Interactive Disassembly**: The Binary Ninja Cloud interface provides an interactive disassembly view with features like cross-references, function identification, and type analysis.
+
+4. **Scripting and Plugins**: Binary Ninja Cloud supports the full range of Binary Ninja's scripting and plugin capabilities, allowing you to extend its functionality.
+
+5. **Analysis and Visualization Tools**: Binary Ninja Cloud includes a variety of analysis and visualization tools, such as the control flow graph, data references, and call graph.
+
+6. **File Format Support**: Binary Ninja Cloud can handle a wide range of file formats, including ELF, PE, Mach-O, and more.
+
+## Usage
+
+1. In the Binary Ninja Cloud web application, click on the "Open" button to upload or open a binary file.
+2. Explore the binary using the various panes and views, such as the disassembly, graph, and symbol views.
+3. Use the toolbar and menus to access analysis features, such as function identification, type analysis, and cross-references.
+4. Write custom scripts or use the available plugins to automate tasks or extend the functionality.
+5. Collaborate with other users by inviting them to the workspace or sharing the binary analysis.
+
+For more detailed information and usage examples, please refer to the Binary Ninja Cloud documentation: https://docs.binary.ninja/getting-started/cloud.html

src/cutter.md

@@ -0,0 +1,40 @@
+# Cutter: A free and open-source reverse engineering platform
+
+Cutter is a reverse engineering platform based on the QEMU emulator and the Capstone disassembly engine. It provides a graphical user interface for various binary analysis tasks.
+
+## Key Features
+
+- Disassembly and code navigation
+- Cross-references and call graph visualization
+- Debugging support
+- Scripting and plugin system
+- Supports multiple file formats (ELF, PE, Mach-O, etc.)
+
+## Usage
+
+To get started with Cutter, follow these steps:
+
+1. Download and install Cutter from the official website: https://cutter.re/downloads.html
+2. Launch Cutter and open a binary file using the "Open File" option.
+3. Explore the various panels and views within the Cutter interface, such as the disassembly view, the functions list, the imports/exports view, and the hexdump.
+4. Use the navigation and analysis tools to explore the binary, follow control flow, and identify interesting functionalities.
+5. Utilize the scripting and plugin system to automate tasks or extend Cutter's functionality.
+
+## Cheatsheet
+
+| Action | Shortcut |
+| --- | --- |
+| Open file | Ctrl+O |
+| Save session | Ctrl+S |
+| Disassembly view | Ctrl+D |
+| Hexdump view | Ctrl+H |
+| Functions list | Ctrl+F |
+| Imports/Exports | Ctrl+I |
+| Search for a symbol | Ctrl+F |
+| Follow cross-references | Ctrl+X |
+| Go to address | Ctrl+G |
+| Debug binary | Ctrl+P |
+| Script editor | Ctrl+R |
+| Plugin manager | Ctrl+M |
+
+For more detailed information and usage examples, please refer to the Cutter documentation: https://cutter.re/docs/

src/dotnetILviewer.md

@@ -0,0 +1,36 @@
+# Dotnet-Offline-IL-Viewer
+
+Dotnet-Offline-IL-Viewer is a tool for analyzing .NET assemblies, allowing you to view the disassembled code and metadata.
+
+## Installation
+
+You can download the Dotnet-Offline-IL-Viewer from the GitHub releases page: https://github.com/0xd4d/dnSpy/releases
+
+## Usage
+
+1. Launch the Dotnet-Offline-IL-Viewer application.
+2. Open a .NET assembly file using the "File" > "Open" menu option.
+3. The tool will display the assembly's metadata, including:
+   - Assembly information (version, culture, etc.)
+   - Types (classes, structs, enums, etc.)
+   - Methods
+   - Fields
+   - Properties
+   - Events
+4. You can navigate through the assembly's contents using the tree-view on the left side of the window.
+5. Double-click on a method to view its disassembled IL (Intermediate Language) code.
+6. The IL code view provides features like:
+   - Syntax highlighting
+   - Jump to definitions
+   - Cross-references
+   - Call graph visualization
+7. You can also use the search functionality to find specific types, methods, or IL instructions.
+
+Additionally, Dotnet-Offline-IL-Viewer supports the following features:
+
+- Decompilation to C# code (requires separate decompiler plugin)
+- Disassembly of native code (e.g., P/Invoke)
+- .NET Core and .NET Standard assembly support
+- Powerful scripting and plugin system
+
+For more detailed information and usage examples, please refer to the Dotnet-Offline-IL-Viewer documentation: https://github.com/0xd4d/dnSpy/wiki

src/miasm.md

@@ -0,0 +1,39 @@
+# Miasm: A Reverse Engineering Framework
+
+Miasm is a reverse engineering framework written in Python, focused on advanced binary analysis and code instrumentation.
+
+## Installation
+
+You can install Miasm using pip:
+
+```
+pip install miasm
+```
+
+## Usage
+
+Miasm provides a range of functionalities for binary analysis, including:
+
+1. **Disassembly and Lifting**:
+   - `miasm.arch.disasm.Disassembler`: Disassemble a binary.
+   - `miasm.ir.translators.Translator`: Lift assembly to an intermediate representation (IR).
+
+2. **IR Manipulation**:
+   - `miasm.ir.ir.IRBlock`: Represent a basic block in the IR.
+   - `miasm.ir.symbexec.SymbolicExecutionEngine`: Perform symbolic execution on the IR.
+
+3. **Emulation and Taint Analysis**:
+   - `miasm.jitter.jitcore.JitCore`: Emulate the execution of a binary.
+   - `miasm.expression.expre.ExpressionTree`: Represent and manipulate expressions.
+   - `miasm.analysis.data_flow.DataFlowGraph`: Perform taint analysis on the IR.
+
+4. **Code Instrumentation**:
+   - `miasm.core.asmblock.AsmBlock`: Represent a basic block of assembly code.
+   - `miasm.core.bin_stream.BinStream`: Represent a stream of binary data.
+   - `miasm.core.parse_asm.parse_txt`: Parse assembly code.
+
+5. **Miscellaneous**:
+   - `miasm.analysis.binary`: Load and analyze a binary file.
+   - `miasm.analysis.machine`: Provide information about the target architecture.
+
+For more detailed information and usage examples, please refer to the Miasm documentation: https://miasm.re/documentation.html

src/peda.md

@@ -0,0 +1,40 @@
+# PEDA: Python Exploit Development Assistance for GDB
+
+PEDA is a Python script that enhances the GDB debugger with additional functionality for reverse engineering.
+
+## Installation
+
+To install PEDA, follow these steps:
+
+1. Clone the PEDA repository:
+   ```
+   git clone https://github.com/longld/peda.git ~/peda
+   ```
+2. Add the following lines to your `.gdbinit` file:
+   ```
+   source ~/peda/peda.py
+   ```
+
+## Usage
+
+PEDA provides a range of commands and features to enhance the GDB debugging experience:
+
+| Command | Description |
+| --- | --- |
+| `peda`        | Toggle PEDA mode |
+| `aslr`        | Toggle ASLR |
+| `checksec`    | Check security measures of the binary |
+| `pattern_create` | Create a unique pattern |
+| `pattern_search` | Search for a pattern in memory |
+| `pattern_offset` | Find the offset of a pattern |
+| `dump`        | Dump memory to a file |
+| `rop`         | Find ROP gadgets |
+| `skeleton`    | Generate a skeleton exploit script |
+| `shellcode`   | Generate shellcode for a given architecture |
+| `trace`       | Trace the execution of a function |
+| `dumpargs`    | Display the arguments passed to a function |
+| `dumpret`     | Display the return value of a function |
+| `context`     | Display context information (registers, stack, etc.) |
+| `xinfo`       | Display extended information about a variable or address |
+
+For more detailed information and usage examples, please refer to the PEDA documentation: https://github.com/longld/peda