Information Security
FireEye Labs Obfuscated String Solver Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heuristic detections by obfuscating only key portions of an executable. Often, these portions are strings and resources...
Lynis is an open source security auditing tool. Used by system administrators, security professionals, and auditors, to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself, so...
pwndbg (/poʊndbæg/) is a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers. Pwndbg has a lot of useful...
makin make initial malware assessment little bit easier for me. It helps to reveal a debugger detection techniques used by a sample. Note: Only supports x64 How does it work? makin opens a sample as a...
MultiScanner is a file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools for the user and aggregating the output. Tools can be custom...
ESET, a security company based in Bratislava, Slovakia, recently released a 19-page technical analysis report detailing three types of malware that they are using simultaneously in cyber espionage against Ukrainian government agencies. Includes features...
B&B Hospitality Group has been confirmed to be another victim of data breaches. The sales terminal (POS) of the group’s nine restaurants operating in New York City was infected by malware. According to preliminary investigations, the hacking...
Kaspersky Security Labs has discovered a very interesting malware that detects system configuration to determine which threat scheme to use. Ransomware and mining malware is currently at the top of the list of malicious...
FAME is a recursive acronym meaning “FAME Automates Malware Evaluation”. It is meant to facilitate analysis of malicious files, leveraging as much knowledge as possible in order to speed up and automate end-to-end analysis....
binsnitch can be used to detect silent unwanted changes to files on your system. It will scan a given directory recursively for files and keep track of any changes it detects, based on the...
Suggested Reading