FLOSS– The FireEye Labs Obfuscated String Solver uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries.ex_pe_xor & iheartxor– Two tools from Alexander Hanel for working with single-byte XOR encoded files.Balbuzard– A malware analysis tool for reversing obfuscation (XOR, ROL, etc) and more.Reverse XOR and other code obfuscation methods.
Also contains a good strings DB to avoid false positives
Yara rules generator– Generate yara rules based on a set of malware samples. YARA– Pattern matching tool for analysts. totalhash.py – Python script for easy searching of the database. 
Rootkit Hunter – Detect Linux rootkits.PEV – A multiplatform toolkit to work with PE files, providing feature-rich tools for proper analysis of suspicious binaries.packerid– A cross-platform Python alternative to PEiD.
#Password encryption in purebasic software#
nsrllookup – A tool for looking up hashes in NIST’s National Software Reference Library database. MultiScanner– Modular file scanning/analysis framework. Malfunction – Catalog and compare malware at a function level. hashdeep – Compute digest hashes with a variety of algorithms. File Scanning Framework – Modular, recursive file scanning solution. ExifTool – Read, write and edit file metadata. Detect-It-Easy – A program for determining types of files. chkrootkit – Local Linux rootkit detection. BinaryAlert – An open source, serverless AWS pipeline that scans and alerts on uploaded files based on a set of YARA rules. Assemblyline – A scalable distributed file analysis framework. 
AnalyzePE – Wrapper for a variety of tools for reporting on Windows PE files.
0 kommentar(er)
