lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Tue Jun  7 23:38:30 2005
From: labs-no-reply at idefense.com (iDEFENSE Labs)
Subject: iDEFENSE Labs Releases Malcode Analyst Pack


iDEFENSE Labs has released a new open source package related to
malicious code analysis which is available for download from:

    http://labs.idefense.com

Authored by David Zimmer, the Malcode Analyst Pack contains the
following GUI driven utilities:

FakeDNS    - A minimal DNS server allowing the user to have all DNS
             queries resolve to a predefined IP.

IDCDumpFix - This tool can be used to associate API names to IAT
             addresses for IDA disassemblies of raw memory dumps. Fast,
             simple technique to get a readable disassembly for
             arbitrarily packed executables.

MailPot    - A small lab-quality tool for capturing e-mails sent out by
             trojans and mass mailers.

SCLog      - Shellcode research and testing application that loads and
             executes shellcode within the context of an API hooking
             framework. Provides a runtime output log of APIs called
             while blocking certain dangerous functions. (Not for use
             outside of lab VM environments).

ShellExt   - This utility adds three shell extensions to the Windows
             Explorer right-click context menu:

             1) "Decompile" context menu item is added for CHM files.

             2) "Strings" context menu is added for all files. This
                 feature extracts all ASCII and Unicode strings from the
                 specified file and displays the results in a popup
form.

             3) "Hash Files" context menu is added for all folders. This
                 feature displays the name, size and MD5 hash of all
                 files in the specified folder in a popup form.

SniffHit   - A lightweight specialized HTTP/IRC sniffer designed to
             extract target communication data and present it in an
             easily viewable (and copy-able) interface.

SocketTool - A graphical TCP Client designed to allow the user to easily
             send text or binary data to a server, probing for
             functionality.

More information and source code are available in the bundled install
file.

Powered by blists - more mailing lists