Lucene search
K

477 matches found

Symantec
Symantec
added 2017/05/09 8:0 a.m.90 views

SA148: Linux Kernel Vulnerabilities Feb-Apr 2017

SUMMARY Symantec Network Protection products that include a vulnerable version of the Linux kernel are susceptible to multiple vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to execute arbitrary code. The attacker can also cause deni...

10CVSS3.7AI score0.2389EPSS
Exploits9Affected Software14
Kitploit
Kitploit
added 2017/04/07 2:30 p.m.96 views

oletools - Tools to analyze MS OLE2 files and MS Office documents, for malware analysis, forensics and debugging

oletools is a package of python tools to analyze Microsoft OLE2 files also called Structured Storage, Compound File Binary Format or Compound Document File Format, such as Microsoft Office documents or Outlook messages, mainly for malware analysis, forensics and debugging. It is based on the...

7.2AI score
Exploits0References20
n0where
n0where
added 2017/03/23 5:39 p.m.20 views

Open Source Malware Analysis Platform: FAME

Open Source Malware Analysis Platform FAME is an open source malware analysis platform that is meant to facilitate analysis of malware-related files, leveraging as much knowledge as possible in order to speed up and automate end-to-end analysis. FAME should be seen as a malware analysis framework...

Exploits0References1
n0where
n0where
added 2017/03/17 6:13 a.m.64 views

Online Malware & URL Analysis: MalSub

Online Malware & URL Analysis malsub is a Python 3.6.x framework that wraps several web services of online malware and URL analysis sites through their RESTful Application Programming Interfaces APIs . It supports submitting files or URLs for analysis, retrieving reports by hash values, domains,...

0.1AI score
Exploits0References1
n0where
n0where
added 2017/02/13 9:0 p.m.32 views

Malware Information Sharing Platform: MISP

Malware Information Sharing Platform MISP, Malware Information Sharing Platform and Threat Sharing, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is...

6.8AI score
Exploits0References7
Symantec
Symantec
added 2017/02/09 8:0 a.m.57 views

SA141 : OpenSSL Vulnerabilities 26-Jan-2017

SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service and obtain private key information. AFFECTED PRODUCTS The following products are vulnerable:...

5CVSS1.3AI score0.57595EPSS
Exploits6Affected Software23
FireEye
FireEye
added 2017/01/04 2:2 p.m.44 views

FLARE Script Series: Querying Dynamic State using the FireEye Labs Query-Oriented Debugger (flare-qdb)

Introduction This post continues the FireEye Labs Advanced Reverse Engineering FLARE script series. Here, we introduce flare-qdb, a command-line utility and Python module based on vivisect for querying and altering dynamic binary state conveniently, iteratively, and at scale. flare-qdb works on...

7.2CVSS7.8AI score0.24554EPSS
Exploits10References4
FireEye
FireEye
added 2017/01/04 9:2 a.m.116 views

FLARE Script Series: Querying Dynamic State using the FireEye Labs Query-Oriented Debugger (flare-qdb)

Introduction This post continues the FireEye Labs Advanced Reverse Engineering FLARE script series. Here, we introduce flare-qdb, a command-line utility and Python module based on vivisect for querying and altering dynamic binary state conveniently, iteratively, and at scale. flare-qdb works on...

7.2CVSS7.7AI score0.24554EPSS
Exploits10
n0where
n0where
added 2016/12/24 6:28 a.m.29 views

Portable Malware Analysis Sandbox: Noriben

Portable Malware Analysis Sandbox Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to run your malware, hit a keypress, and get a simple text report of...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2016/12/23 2:7 p.m.20 views

Noriben - Portable, Simple, Malware Analysis Sandbox

Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to run your malware, hit a keypress, and get a simple text report of the sample's activities. Noriben...

7.6AI score
Exploits0References1
Symantec
Symantec
added 2016/12/13 8:0 a.m.337 views

SA136 : OpenSSH Vulnerabilities

SUMMARY Blue Coat products using affected versions of OpenSSH are susceptible to several vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to enumerate existing user accounts and cause denial of service through excessive CPU consumption...

7.8CVSS1.7AI score0.88944EPSS
Exploits17Affected Software12
Kitploit
Kitploit
added 2016/12/08 1:22 p.m.19 views

Cosa Nostra - A FOSS Graph Based Malware Clusterization Toolkit

Cosa Nostra is an open source software clustering toolkit with a focus on malware analysis. It can create phylogenetic trees of binary malware samples that are structurally similar. It was initially released during SyScan360 Shanghai 2016. Getting started Required 3rd party tools In order to use...

7.3AI score
Exploits0References2
n0where
n0where
added 2016/12/07 6:19 a.m.26 views

Malware Analysis Windows VM: Malboxes

Malware Analysis Windows VM Vagrant box builder and config generator for malware analysis. The malware battle online is far from being over. Several thousands of new malware binaries are collected by antivirus companies every day. Most organizations don’t have the expertise on staff to know if th...

0.2AI score
Exploits0References2
n0where
n0where
added 2016/12/04 10:35 p.m.43 views

Open Source Malware Clusterization Toolkit: Cosa Nostra

Open Source Malware Clusterization Toolkit Cosa Nostra is an open source software clustering toolkit with a focus on malware analysis. It can create phylogenetic trees of binary malware samples that are structurally similar. It was initially released during SyScan360 Shanghai 2016. Required 3rd...

0.7AI score
Exploits0References3
Symantec
Symantec
added 2016/11/30 8:0 a.m.49 views

SA135 : OpenSSL Vulnerabilities 10-Nov-2016

SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service and obtain SSL/TLS session key information. AFFECTED PRODUCTS The following products are vulnerable: Director -...

5CVSS1.5AI score0.32389EPSS
Exploits4Affected Software7
Kitploit
Kitploit
added 2016/10/17 2:30 p.m.38 views

DracOS - Lightweight and Powerful Penetration Testing OS

Dracos Linux www.dracos-linux.org is the Linux operating system from Indonesian , open source is built based on the Linux From Scratch under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testin...

7.5AI score
Exploits0
n0where
n0where
added 2016/10/07 5:10 a.m.16 views

Automated Memory Analyzer For Malware Samples: VolatilityBot

Automated Memory Analyzer For Malware Samples VolatilityBot is an automation tool for researchers cuts all the guesswork and manual tasks out of the binary extraction phase, or to help the investigator in the first steps of performing a memory analysis investigation. Not only does it automaticall...

0.8AI score
Exploits0References1
n0where
n0where
added 2016/09/30 11:49 p.m.1472 views

Free Open Source Self Hosted VirusTotal: Malice

Free Open Source Self Hosted VirusTotal Malice’s mission is to be a free open source version of VirusTotal that anyone can use at any scale from an independent researcher to a fortune 500 company.’ Ubuntu Install: Install Go $ sudo add-apt-repository ppa:ubuntu-lxc/lxd-stable $ sudo apt-get updat...

7.2AI score
Exploits0References1
n0where
n0where
added 2016/09/26 3:53 p.m.29 views

One Click Symbolic Execution: Ponce

Ponce pronounced ‘poN θe pon-they is an IDA Pro plugin that provides users the ability to perform taint analysis and symbolic execution over binaries in an easy and intuitive fashion. With Ponce you are one click away from getting all the power from cutting edge symbolic execution. Entirely writt...

8AI score
Exploits0References3
Symantec
Symantec
added 2016/09/14 8:0 a.m.85 views

SA131 : TCP Session Hijacking in Operating Systems Supporting RFC 5961

SUMMARY Blue Coat products that include a vulnerable version of an operating system that supports RFC 5961 are susceptible to a TCP session hijacking vulnerability. A remote, off-path attacker can infer the sequence numbers of an existing TCP connection, and either reset the connection or inject...

5.8CVSS1.4AI score0.15073EPSS
Exploits3Affected Software13
Rows per page
Query Builder