binaryninja-api VS x64dbg

If you really want to poke around in the binary, you can use a decompiler like IDA, Ghidra, or Binary Ninja's free version.

Still $$$ for crippled functionality.

As an alternative, https://binary.ninja is gaining traction at work.

Possibly binary ninja

As I said, a regular text editor won’t do for reading a binary file, so I needed to choose a disassembler to break the challenge binaries out into their basic blocks. I chose to use Binary Ninja because it has a very easy-to-use Python API, and it’s hobbyist-level cheap (for comparison, the industry-standard disassembler is IDA Pro, which they will sell to you for roughly an arm, and continue to pick off your fingers and toes with renewal fees). I began by writing a quick script to go through a single binary and print out the opcodes it encountered in each block, just to validate that I was able to acquire the data I wanted.

It’s an awesome reverse engineering tool (https://binary.ninja). Has really nice api support so you can basically automate anything and make plugins for custom architectures and stuff like that.

If you agree, there is a GitHub issue tracking something like this for Binary Ninja specifically. Hitting that with a thumbs-up would be useful to let the developers know it's something the community wants and should be prioritized.

I have never heard anyone say anything good about the Visual Studio debugger before. Now, I'm not a Windows person but I'm not gonna argue for gdb or lldb here. RemedyBG and x64dbg are the two debuggers I've heard good things about though I've never used them because, again, not a Windows person.

[1] https://remedybg.handmade.network/

[2] https://x64dbg.com/

I'd help you out but because of circumstances I have no laptop with me. You need x86/x64 debugger to do this. This one for example Find a registration procedure and look for possible brenching to other parts of code in assembly. It's probably somewhere in the beginning. Exclude code validation and export new program version.

One interesting thing you can do is download an app like https://x64dbg.com/ or cheat engine, which will let you see the memory. You can look at the process for something you’ve made and explore it. Log a memory address from your app then go find it in the tool and interpret the bytes as an integer. Find a string and see how that works. Find a pointer, read the address it’s pointing then go look at that address. You start to see how different containers store data. I find it fascinating.

If you want to also do dynamic analysis (debugging) you can use https://x64dbg.com.

close origin and download this debugger https://github.com/x64dbg/x64dbg/releases

.exe is a complex format and not something you're going to extract raw instructions from using a hexdump. What you need is a "disassembler". For Windows I'd recommend x64dbg.

Patch the DayZServer_x64.exe, change "test al, al" to "cmp al, 2". i used x64dbg (https://x64dbg.com) a good video for the whole process: https://drive.google.com/file/d/1F1A0lpumREPXtVeoTMq1HiEnvaZp-NUU/view