Update malware-analysis_ref_and_memo.md

malware-analysis_ref_and_memo.md

@@ -20,27 +20,27 @@ DFIR,マルウェア解析，OSINTに特化したUbuntuベースのディスト
 
 |name|disassembler|decompiler|debugger|reference|
 |:-|:-|:-|:-|:-|
-|IDA pro|〇|〇(Not free)|〇||||||
-|Binary Ninja|〇||||||||
-|Cutter|〇|r2dec,r2ghidra|native<br>gdb<br>windbg<br>etc.|[INTRO TO CUTTER FOR MALWARE ANALYSIS(2019-03)](https://malwology.com/2019/03/14/intro-to-cutter-for-malware-analysis/)<br>[megabeets.net](https://www.megabeets.net/?s=cutter)<br>[Cutter: Presenting r2ghidra Decompiler,r2con 2019](https://www.youtube.com/watch?v=eHtMiezr7l8&list=LLTk6-mAiILdt3V27uab14LA&index=8&t=0s)|||||
-|Ghidra|〇|〇||[Reversing WannaCry Part 2 - Diving into the malware with #Ghidra,youtube](https://www.youtube.com/watch?v=Q90uZS3taG0)<br>[cheetsheet](https://www.oldergeeks.com/downloads/file.php?id=2767)<br>[Scripting in Ghidra, Patching MacOS Image2Icon](https://duraki.github.io/posts/o/20200227-ghidra-scripting-image2icon.html)<br>[]()|||||
-|x64/x32dbg|〇|Snowman|〇||||||
-|WinDbg|〇||〇||||||
+|[IDA pro](https://www.hex-rays.com/products/ida/)|〇|〇(Not free)|〇||||||
+|[Binary Ninja](https://binary.ninja/)|〇||||||||
+|[Cutter](https://github.com/radareorg/cutter)|〇|r2dec,r2ghidra|native<br>gdb<br>windbg<br>etc.|[INTRO TO CUTTER FOR MALWARE ANALYSIS(2019-03)](https://malwology.com/2019/03/14/intro-to-cutter-for-malware-analysis/)<br>[megabeets.net](https://www.megabeets.net/?s=cutter)<br>[Cutter: Presenting r2ghidra Decompiler,r2con 2019](https://www.youtube.com/watch?v=eHtMiezr7l8&list=LLTk6-mAiILdt3V27uab14LA&index=8&t=0s)|||||
+|[Ghidra](https://ghidra-sre.org/)|〇|〇||[Reversing WannaCry Part 2 - Diving into the malware with #Ghidra,youtube](https://www.youtube.com/watch?v=Q90uZS3taG0)<br>[cheetsheet](https://www.oldergeeks.com/downloads/file.php?id=2767)<br>[Scripting in Ghidra, Patching MacOS Image2Icon](https://duraki.github.io/posts/o/20200227-ghidra-scripting-image2icon.html)<br>[]()|||||
+|[x64/x32dbg](https://x64dbg.com/#start)|〇|Snowman|〇||||||
+|[WinDbg](https://docs.microsoft.com/ja-jp/windows-hardware/drivers/debugger/debugger-download-tools)|〇||〇||||||
 |GDB|〇||〇||||||
 |objdump|〇|||
-|Snowman||〇|||||||
+|[Snowman](https://derevenets.com/)||〇|||||||
 
 |name|plugin|price|platform|remarks|
 |:-|:-|:-|:-|:-|
-|IDA pro|[Lighthouse](https://github.com/gaasedelen/lighthouse)<br>[UEFI_RETool](https://github.com/yeggor/UEFI_RETool/tree/master/ida_plugin)<br>[VT-IDA Plugin](https://github.com/VirusTotal/vt-ida-plugin)|Not free|multi||||||
-|Binary Ninja|[Lighthouse](https://github.com/gaasedelen/lighthouse)|Not free|||||||
-|Cutter|[CutterDRcov](https://github.com/oddcoder/CutterDRcov)<br>[Jupyter Plugin for Cutter](https://github.com/radareorg/cutter-jupyter)<br>[x64dbgcutter](https://github.com/yossizap/x64dbgcutter)<br>[etc.](https://github.com/radareorg/cutter-plugins)|free|multi||||||
-|Ghidra|[pwndra](https://github.com/0xb0bb/pwndra)<br>[ghidra_scripts](https://github.com/alephsecurity/general-research-tools/tree/master/ghidra_scripts)<br>[OOAnalyzer](https://insights.sei.cmu.edu/sei_blog/2019/07/using-ooanalyzer-to-reverse-engineer-object-oriented-code-with-ghidra.html)|free|multi||||||
-|x64/x32dbg|[DbgChild](https://github.com/David-Reguera-Garcia-Dreg/DbgChild)<br>[checksec](https://github.com/klks/checksec)<br>[idenLib](https://github.com/secrary/idenLib)<br>[xdbg](https://github.com/brock7/xdbg)<br>[ScyllaHide](https://github.com/x64dbg/ScyllaHide)<br>[x64dbgpylib](https://github.com/x64dbg/x64dbgpylib)<br>[ClawSearch](https://github.com/codecat/ClawSearch)<br>[x64dbg-dark](https://github.com/nextco/x64dbg-dark)<br>[UaraGen](https://github.com/mrexodia/YaraGen)<br>[xAnalyzer](https://github.com/ThunderCls/xAnalyzer)<br>[Unpacking Script](https://github.com/x64dbg/Scripts)|free|windows||||||
+|[IDA pro](https://www.hex-rays.com/products/ida/)|[Lighthouse](https://github.com/gaasedelen/lighthouse)<br>[UEFI_RETool](https://github.com/yeggor/UEFI_RETool/tree/master/ida_plugin)<br>[VT-IDA Plugin](https://github.com/VirusTotal/vt-ida-plugin)|Not free|multi||||||
+|[Binary Ninja](https://binary.ninja/)|[Lighthouse](https://github.com/gaasedelen/lighthouse)<br>[BinDbg](https://github.com/kukfa/bindbg)|Not free|multi||||||
+|[Cutter](https://github.com/radareorg/cutter)|[CutterDRcov](https://github.com/oddcoder/CutterDRcov)<br>[Jupyter Plugin for Cutter](https://github.com/radareorg/cutter-jupyter)<br>[x64dbgcutter](https://github.com/yossizap/x64dbgcutter)<br>[etc.](https://github.com/radareorg/cutter-plugins)|free|multi||||||
+|[Ghidra](https://ghidra-sre.org/)|[pwndra](https://github.com/0xb0bb/pwndra)<br>[ghidra_scripts](https://github.com/alephsecurity/general-research-tools/tree/master/ghidra_scripts)<br>[OOAnalyzer](https://insights.sei.cmu.edu/sei_blog/2019/07/using-ooanalyzer-to-reverse-engineer-object-oriented-code-with-ghidra.html)|free|multi||||||
+|[x64/x32dbg](https://x64dbg.com/#start)|[DbgChild](https://github.com/David-Reguera-Garcia-Dreg/DbgChild)<br>[checksec](https://github.com/klks/checksec)<br>[idenLib](https://github.com/secrary/idenLib)<br>[xdbg](https://github.com/brock7/xdbg)<br>[ScyllaHide](https://github.com/x64dbg/ScyllaHide)<br>[x64dbgpylib](https://github.com/x64dbg/x64dbgpylib)<br>[ClawSearch](https://github.com/codecat/ClawSearch)<br>[x64dbg-dark](https://github.com/nextco/x64dbg-dark)<br>[UaraGen](https://github.com/mrexodia/YaraGen)<br>[xAnalyzer](https://github.com/ThunderCls/xAnalyzer)<br>[Unpacking Script](https://github.com/x64dbg/Scripts)|free|windows||||||
 |WinDbg||free|windows|Kernel mode debugging possible|||||
-|GDB|gdbpeda<br>pwngdb|free|linux||||||
+|GDB|gdbpeda<br>pwngdb|free|linux|[onlinegdb](https://www.onlinegdb.com/)|||||
 |objdump||free|linux||
-|Snowman|||||||||
+|[Snowman](https://derevenets.com/)||free|windows||||||
 
 ### Tracer
 - [drltrace](https://github.com/DynamoRIO/drmemory/tree/master/drltrace)