Dumpulator - An Easy-To-Use Library For Emulating Memory Dumps. Useful For Malware Analysis (Config Extraction, Unpacking) And Dynamic Analysis In General (Sandboxing)

Note: This is a work-in-progress prototype, please treat it as such. Pull requests are welcome! You can get your feet wet withgood first issues An easy-to-use library for emulating code in minidump files. Here are some links to posts/videos using dumpulator: Introduction video with OALabs:...

使用非官方渠道 Xcode 开发 App 造成的后门 (XcodeGhost)

经过对存在问题的应用进行 http 请求包进行抓取结果如下图 可以发现往 http://init.icloud-analysis.com 以POST的方式发送了数据, 而上述url则正是被爆出用于恶意收集用户信息的url 同时，XcodeGhost 病毒还可以在未越狱的 iPhone 上伪造弹窗进行钓鱼攻击，其生成的对话窗口仿真度非常高，很难辨别，因此用户如果在之前输入过iTunes密码，那么一定要尽快进行修改。 受影响部分应用列表： 微信IOS - 6.2.5 12306 - 2.12 滴滴出行 - 4.0.0.6 滴滴打车 - 3.9.7 高德地图 - 7.3.8 同花顺 -...

[Hook Analyser 2.5] Application (and Malware) Analysis tool

Application and Malware Analysis tool. Hook Analyser is a hook tool which could be potentially helpful in reversing application and analysing malwares. Changelog v2.5 This has now five 5 key functionalities: 1. Spawn and Hook to Application – This feature allows analyst to spawn an application, a...