162 matches found

FireEye
added 2017/09/18 9:00 p.m., 22 views

rVMI: Perform Full System Analysis with Ease

Manual dynamic analysis is an important concept. It enables us to observe the behavior of a sophisticated malware sample or exploit by executing it in a controlled environment. The information gathered through this process is often crucial in gaining a full understanding of a sample. When...

AI score: 7.1
Exploits: 0

Kitploit
added 2017/08/12 10:44 p.m., 18 views

PyREBox - Python scriptable Reverse Engineering Sandbox

PyREBox is a Python scriptable Reverse Engineering sandbox. It is based on QEMU, and its goal is to aid reverse engineering by providing dynamic analysis and debugging capabilities from a different perspective. PyREBox allows one to inspect a running QEMU VM, modify its memory or registers, and to...

AI score: 7
Exploits: 0
References: 7

n0where
added 2017/08/07 9:35 p.m., 46 views

The Windows Malware Analysis Distribution: flare-vm

FLARE VM is a freely available and open sourced Windows-based security distribution designed for reverse engineers, malware analysts, incident responders, forensicators, and penetration testers. Inspired by open-source Linux-based security distributions like Kali Linux, REMnux and others, FLARE V...

AI score: 0.2
Exploits: 0
References: 2

Kitploit
added 2017/08/01 2:32 p.m., 618 views

Arachni v1.5.1 - Web Application Security Scanner Framework

Arachni is a full-featured, modular, high-performance Ruby framework aimed at helping penetration testers and administrators evaluate the security of web applications. It is smart: it trains itself by monitoring and learning from the web application's behavior during the scan process and is...

AI score: 7.9
Exploits: 0
References: 9

Talos Blog
added 2017/07/17 6:55 p.m., 84 views

PyREBox, a Python Scriptable Reverse Engineering Sandbox

This post was authored by Xabier Ugarte Pedrero. In Talos, we are continuously trying to improve our research and threat intelligence capabilities. As a consequence, we not only leverage standard tools for analysis, but we also focus our efforts on innovation, developing our own technology to...

AI score: 6.7
Exploits: 0

FireEye
added 2017/07/05 3:00 p.m., 15 views

Introducing Linux Support for FakeNet-NG: FLARE’s Next Generation Dynamic Network Analysis Tool

Introduction: In 2016, FLARE introduced FakeNet-NG, an open-source network analysis tool written in Python. FakeNet-NG allows security analysts to observe and interact with network applications using standard or custom protocols on a single Windows host, which is especially useful for malware...

AI score: 6.6
Exploits: 0
References: 3

FireEye
added 2017/07/05 11:00 a.m., 31 views

Introducing Linux Support for FakeNet-NG: FLARE’s Next Generation Dynamic Network Analysis Tool

Introduction: In 2016, FLARE introduced FakeNet-NG, an open-source network analysis tool written in Python. FakeNet-NG allows security analysts to observe and interact with network applications using standard or custom protocols on a single Windows host, which is especially useful for malware...

AI score: 6.6
Exploits: 0

Talos Blog
added 2017/06/19 2:41 a.m., 53 views

BASS - BASS Automated Signature Synthesizer

This blog post was authored by Jonas Zaddach and Mariano Graziano. Executive Summary: Given the rapid pace of change in the threat landscape, with new threats emerging and existing ones evolving, there are bound to be challenges defenders face. These challenges can manifest in multiple ways, such as...

AI score: 7
Exploits: 0

Kitploit
added 2017/04/27 2:30 p.m., 112 views

Inspeckage - (Android Package Inspector) Dynamic Analysis With API Hooks, Start Unexported Activities And More

Inspeckage is a tool developed to offer dynamic analysis of Android applications. By applying hooks to functions of the Android API, Inspeckage will help you understand what an Android application is doing at runtime. http://ac-pm.github.io/Inspeckage https://twitter.com/inspeckage...

AI score: 7.1
Exploits: 0
References: 2

n0where
added 2017/04/26 4:35 a.m., 1900 views

Mobile Security Framework: MobSF

Mobile Security Framework is an intelligent, all-in-one open source mobile application Android/iOS automated pen-testing framework capable of performing static and dynamic analysis. We’ve been depending on multiple tools to carry out reversing, decoding, debugging, code review, and pen-test and...

AI score: 7.2
Exploits: 0
References: 3

FireEye
added 2017/03/31 10:15 a.m., 28 views

Introducing Monitor.app for macOS

As a malware analyst or systems programmer, having a suite of solid dynamic analysis tools is vital to being quick and effective. These tools enable us to understand malware capabilities and undocumented components of the operating system. One obvious tool that comes to mind is Procmon from the...

AI score: 0.2
Exploits: 0

FireEye
added 2017/03/31 10:15 a.m., 15 views

Introducing Monitor.app for macOS

UPDATE 2 Oct. 24, 2018: Monitor.app now supports macOS 10.14. UPDATE April 4, 2018: Monitor.app now supports macOS 10.13. As a malware analyst or systems programmer, having a suite of solid dynamic analysis tools is vital to being quick and effective. These tools enable us to understand malware...

AI score: 6.8
Exploits: 0

FireEye
added 2017/03/31 12:00 a.m., 10 views

Introducing Monitor.app for macOS

UPDATE 2 Oct. 24, 2018: Monitor.app now supports macOS 10.14. UPDATE April 4, 2018: Monitor.app now supports macOS 10.13. As a malware analyst or systems programmer, having a suite of solid dynamic analysis tools is vital to being quick and effective. These tools enable us to understand malware...

AI score: 6.8
Exploits: 0
References: 3

n0where
added 2017/03/04 6:45 p.m., 100 views

Android Package Inspector: Inspeckage

Inspeckage is a tool developed to offer dynamic analysis of Android applications. By applying hooks to functions of the Android API, Inspeckage will help you understand what an Android application is doing at runtime. Inspeckage will let you interact with some elements of the app, such as...

AI score: 7.1
Exploits: 0
References: 1

myhack58
added 2016/12/19 12:00 a.m., 80 views

Detecting Use-After-Free Vulnerabilities in Binary Code Through Static Analysis - vulnerability warning - the black bar safety net

Use-After-Free is a well-known vulnerability type that is often used in modern attack code, for example at Pwn2Own 2016. In the AnaStaSec research project, AMOSSYS provides a lot of information about how to statically detect such vulnerabilities in binary code. In this blog, we will...

Exploits: 0

n0where
added 2016/08/27 3:53 a.m., 31 views

Dynamic Diversification Engine: malWASH

malWASH is a dynamic diversification engine that executes an arbitrary program without being detected by dynamic analysis tools. In other words, it is a malware engine that can make existing malware evade all existing behavioral and dynamic analysis detection...

AI score: 0.8
Exploits: 0
References: 1

FireEye
added 2016/08/03 4:30 a.m., 231 views

FakeNet-NG: Next Generation Dynamic Network Analysis Tool

As a reverse engineer on the FLARE (FireEye Labs Advanced Reverse Engineering) team, I regularly perform basic dynamic analysis of malware samples. The goal is to quickly observe runtime characteristics by running binaries in a safe environment. One important task during dynamic analysis is to...

AI score: 6.9
Exploits: 0

FireEye
added 2016/08/03 4:30 a.m., 54 views

FakeNet-NG: Next Generation Dynamic Network Analysis Tool

As a reverse engineer on the FLARE (FireEye Labs Advanced Reverse Engineering) team, I regularly perform basic dynamic analysis of malware samples. The goal is to quickly observe runtime characteristics by running binaries in a safe environment. One important task during dynamic analysis is to...

Exploits: 0

Kitploit
added 2016/07/28 10:37 p.m., 32 views

Limon - Sandbox for Analyzing Linux Malwares

Limon is a sandbox developed as a research project, written in Python, which automatically collects, analyzes, and reports on the runtime indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution (post-mortem analysis) by...

AI score: 7.6
Exploits: 0
References: 1

Kitploit
added 2016/06/10 9:55 p.m., 194 views

Detux - The Multiplatform Linux Sandbox

Detux is a sandbox developed to do traffic analysis of Linux malware and to capture IOCs by doing so. The QEMU hypervisor is used to emulate Debian Linux on various CPU architectures. The following CPUs are currently supported: x86, x86-64, ARM, MIPS, MIPSEL. Use the Live version now:...

AI score: 7
Exploits: 0
References: 1