HEX DEREF PRO

HEX DEREF is a professional reverse engineering software written in C# .NET and C++. The tool has been primarily designed for dynamic analysis. The tool attempts to combine the best and most used features into one. Some of the features are notably better and/or faster making the software more sophisticated than the most of the competition. Whatever your reverse engineering task is, the tool is definitely worth a try. The software is not a port of any existing tool. It is a complete rewrite.

The source code of the software has not been released anywhere. There are approximately 57,699 lines of code. If you have not never programmed tools like HEX DEREF PRO, it will be easily for the disassembler alone several years. As of 06/2021, the tool has been developed for about (5) five years. Estimated release date: 04/2021

KEY FEATURES

  • In active development. Simpler to use, more user-friendly and faster than most of the competition.
  • One of the most advanced memory viewer ever released (includes a full memory editor), if not the most advanced, capable of drawing real-time process memory.
  • Multi-threaded disassembler. Try out the disassembly benchmark.
  • Cheat Engine's (CE) core functionality with AVX2 optimized memory scanner.

MEMORY VIEWER:

HEX DEREF - Memory Viewer
  • The memory viewer includes x64 disassembler powered by the BeaEngine
  • Switch on the fly between disassembly and normal mode
  • Change the alignment on the fly (8 Bytes, 4 Bytes, 2 Bytes and 1 Byte)
  • The normal mode view is ReClass++
  • Tab support
  • Fully dynamic
  • Built-in disassembly signature generator plugin that generates both IDA-style and code style signatures.
  • HEX DEREF - IDA style signature generator plugin

DEBUGGER FUNCTIONALITY

  • Windows debugger that uses windows debug API's: DebugActiveProcess, DebugActiveProcessStop, WaitForDebugEvent and ContinueDebugEvent.
  • A VEH debugger written in C++ (x86_64)
  • All major breakpoint methods are supported (Hardware (HWBP), INT3 and page faults) in both debugger modes.
x64 debugger

MEMORY SCANNER INCLUDES:

  • A sequence of values scan with padding.
  • Find instances of classes in memory with the hex scan and of course you can scan for IDA-style assembly signatures.

WHAT IS THE NORMAL MODE OF THE MEMORY VIEWER?

It is a memory structure analysis (attempts to find out the structure of classes in memory without source code) tool which automatically applies offsets to a given address. This functionality is considerably better version of the Cheat Engine's Dissect data/structures function, making it easier to find different data that is needed.
BLA BLA BLA.

. . .