Date: Tue Jun 7 23:38:30 2005
From: labs-no-reply at idefense.com (iDEFENSE Labs)
Subject: iDEFENSE Labs Releases Malcode Analyst Pack

iDEFENSE Labs has released a new open source package related to malicious code analysis which is available for download from:

http://labs.idefense.com

Authored by David Zimmer, the Malcode Analyst Pack contains the following GUI driven utilities:

FakeDNS - A minimal DNS server allowing the user to have all DNS queries resolve to a predefined IP.

IDCDumpFix - This tool can be used to associate API names to IAT addresses for IDA disassemblies of raw memory dumps. Fast, simple technique to get a readable disassembly for arbitrarily packed executables.

MailPot - A small lab-quality tool for capturing e-mails sent out by trojans and mass mailers.

SCLog - Shellcode research and testing application that loads and executes shellcode within the context of an API hooking framework. Provides a runtime output log of APIs called while blocking certain dangerous functions. (Not for use outside of lab VM environments).

ShellExt - This utility adds three shell extensions to the Windows Explorer right-click context menu:

1) "Decompile" context menu item is added for CHM files.

2) "Strings" context menu is added for all files. This feature extracts all ASCII and Unicode strings from the specified file and displays the results in a popup form.

3) "Hash Files" context menu is added for all folders. This feature displays the name, size and MD5 hash of all files in the specified folder in a popup form.

SniffHit - A lightweight specialized HTTP/IRC sniffer designed to extract target communication data and present it in an easily viewable (and copy-able) interface.

SocketTool - A graphical TCP Client designed to allow the user to easily send text or binary data to a server, probing for functionality.

More information and source code are available in the bundled install file.