| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.44.0310031850420.4059-100000@felinemenace> From: nd at felinemenace.org (ned) Subject: shellcode encoders & IDS hi list, i was thinking that too protect ourselves from unknown attacks, there must be a way to detect things such as shellcode decoders in payloads. after a bit of research, i have compiled this small list of publicly availiable encoder/decoder systems in the hope that snort or another IDS project would build rules for them. The following list is the app the encoder is featured in, the author and the type. shellforge.py: Phillip Biondi - Xor and Alpha Numeric http://www.cartel-securite.fr/pbiondi/projects/shellforge.html Pex.pm: HDM & HSJ - Xor http://www.metasploit.com/projects.html CANVAS: dave aitel - Additive and Unicode (not publicly available but recently leaked) Hellkit: stealth - Xor www.team-teso.net rix - AlphaNumeric http://www.phrack.org/phrack/57/p57-0x0f and im sure there are plenty more. If anyone know's of any other public encoder/decoder systems, send them too me so i can complete a exhastive list and so that once again,mutant payloads will be detected. - nd -- http://felinemenace.org/~nd
Powered by blists - more mailing lists