Showing results for tags 'library'.
-
Graphical interface for PortEx, a Portable Executable and Malware Analysis Library. PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness and anomaly detection. PortEx is written in Java and Scala and targeted at Java applications.

Features:
- Header information from MSDOS Header, Rich Header, COFF File Header, Optional Header, Section Table
- PE structures: Import Section, Resource Section, Export Section, Debug Section
- Scanning for file format anomalies, including structural anomalies, and deprecated, reserved, wrong, or non-default values
- Visualize file structure, local entropies, and byteplot, and save it as PNG
- Calculate Shannon Entropy, imphash, MD5, SHA256, Rich and RichPV hash
- Overlay and overlay signature scanning
- Version information and manifest
-
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications.

Features:
- Reading header information from: MSDOS Header, COFF File Header, Optional Header, Section Table
- Reading PE structures: Imports, Resources, Exports, Debug Directory, Relocations, Delay Load Imports, Bound Imports
- Dumping of sections, resources, overlay, embedded ZIP, JAR or .class files
- Scanning for file format anomalies, including structural anomalies, deprecated, reserved, wrong or non-default values
- Visualize PE file structure, local entropies and byteplot of the file with variable colors and sizes
- Calculate Shannon Entropy and Chi Squared for files and sections
- Calculate ImpHash and Rich and RichPV hash values for files and sections
- Parse RichHeader and verify checksum
- Calculate and verify Optional Header checksum
- Scan for PEiD signatures, internal file type signatures or your own signature database
- Scan for Jar to EXE wrapper (e.g. exe4j, jsmooth, jar2exe, launch4j)
- Extract Unicode and ASCII strings contained in the file
- Extraction and conversion of .ICO files from icons in the resource section
- Extraction of version information and manifest from the file
- Reading .NET metadata and streams (Alpha)
-
ScyllaHide is an advanced open-source x64/x86 usermode Anti-Anti-Debug library. It hooks various functions in usermode to hide debugging. This tool is intended to stay in usermode (ring3).

ScyllaHide supports various debuggers with plugins:
- OllyDbg v1 and v2
- x64dbg
- Hex-Rays IDA v6+
- TitanEngine v2

PE x64 debugging is fully supported with plugins for x64dbg and IDA. Please note: ScyllaHide is not limited to these debuggers. You can use the standalone command-line version of ScyllaHide. You can inject ScyllaHide in any process debugged by any debugger.

Features: Anti-Anti-Debug Process Environment Block (PEB) NtSetInformationThread NtSetInformationProcess NtQuerySystemInformation NtQueryInformationProcess NtQueryObject NtYieldExecution NtCreateThreadEx OutputDebugStringA (deprecated since v1.3) BlockInput NtUserFindWindowEx NtUserBuildHwndList NtUserQueryWindow NtSetDebugFilterState NtClose Remove Debug Privileges Hardware Breakpoint Protection (DRx) Timing Raise Exception Special DLL Injection Prevent Thread Creation RunPE Unpacker Improved Attach Dialog OllyDbg v1 Specific Remove entry point breakpoint Fix Olly Bugs x64 single-step fix Skip Entrypoint outside code Ignore bad PE image Skip compressed code warning Skip "load dll" warning Break on TLS Advanced CTRL+G Change window caption Special Keyboard Shortcuts Custom Toolbar Exception Problem OllyDbg v2 Specific Change window caption IDA Specific Server Option x64dbg Specific TitanEngine Specific

Changelog v2020-12-15: Fix regression in x64dbg plugin caused by 9ad0839d. Fixes #115.
-
ScyllaHide is an advanced open-source x64/x86 usermode Anti-Anti-Debug library. It hooks various functions in usermode to hide debugging. This tool is intended to stay in usermode (ring3).

ScyllaHide supports various debuggers with plugins:
- OllyDbg v1 and v2
- x64dbg
- Hex-Rays IDA v6+
- TitanEngine v2

PE x64 debugging is fully supported with plugins for x64dbg and IDA. Please note: ScyllaHide is not limited to these debuggers. You can use the standalone command-line version of ScyllaHide. You can inject ScyllaHide in any process debugged by any debugger.

Features: Anti-Anti-Debug Process Environment Block (PEB) NtSetInformationThread NtSetInformationProcess NtQuerySystemInformation NtQueryInformationProcess NtQueryObject NtYieldExecution NtCreateThreadEx OutputDebugStringA (deprecated since v1.3) BlockInput NtUserFindWindowEx NtUserBuildHwndList NtUserQueryWindow NtSetDebugFilterState NtClose Remove Debug Privileges Hardware Breakpoint Protection (DRx) Timing Raise Exception Special DLL Injection Prevent Thread Creation RunPE Unpacker Improved Attach Dialog OllyDbg v1 Specific Remove entry point breakpoint Fix Olly Bugs x64 single-step fix Skip Entrypoint outside code Ignore bad PE image Skip compressed code warning Skip "load dll" warning Break on TLS Advanced CTRL+G Change window caption Special Keyboard Shortcuts Custom Toolbar Exception Problem OllyDbg v2 Specific Change window caption IDA Specific Server Option x64dbg Specific TitanEngine Specific

Changelog v2020-12-13: Fix IDA plugin build.
-
ScyllaHide is an advanced open-source x64/x86 usermode Anti-Anti-Debug library. It hooks various functions in usermode to hide debugging. This tool is intended to stay in usermode (ring3).

ScyllaHide supports various debuggers through plugins:
- OllyDbg v1 and v2
- x64dbg
- Hex-Rays IDA v6 (not supported)
- TitanEngine v2 (original and updated versions)

PE x64 debugging is fully supported with plugins for x64dbg and IDA. Please note: ScyllaHide is not limited to these debuggers. You can use the standalone command-line version of ScyllaHide. You can inject ScyllaHide in any process debugged by any debugger.

Features: Anti-Anti-Debug Process Environment Block (PEB) NtSetInformationThread NtSetInformationProcess NtQuerySystemInformation NtQueryInformationProcess NtQueryObject NtYieldExecution NtCreateThreadEx OutputDebugStringA (deprecated since v1.3) BlockInput NtUserFindWindowEx NtUserBuildHwndList NtUserQueryWindow NtSetDebugFilterState NtClose Remove Debug Privileges Hardware Breakpoint Protection (DRx) Timing Raise Exception Special DLL Injection Prevent Thread Creation RunPE Unpacker Improved Attach Dialog OllyDbg v1 Specific Remove entry point breakpoint Fix Olly Bugs x64 single-step fix Skip Entrypoint outside code Ignore bad PE image Skip compressed code warning Skip "load dll" warning Break on TLS Advanced CTRL+G Change window caption Special Keyboard Shortcuts Custom Toolbar Exception Problem OllyDbg v2 Specific Change window caption IDA Specific Server Option x64dbg Specific TitanEngine Specific
-
- scyllahide
- v2020-07-10
-
ParantezTeknoloji Library Software version 16.0519000 suffers from an open redirection vulnerability.
-
BEopt suffers from a DLL hijacking issue. The vulnerability is caused by the application loading libraries (sdl2.dll and libegl.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening a related application file (.BEopt) located on a remote WebDAV or SMB share. Version 2.8.0 is affected.
-
OSCI-Transport Library 1.2 for German e-Government versions 1.8.1 and below suffer from an insecure cryptographic implementation and signature bypass vulnerabilities.
-
The GMP library uses asserts to crash a program at runtime when presented with data it did not anticipate. The library also ignores user requests to remove asserts using POSIX's -DNDEBUG. Asserts are a debugging aid intended for development, and using them in production software ranges from questionable to insecure.
-
Exploits Library Management System 1.0 SQL Injection
1337day-Exploits posted a topic in Updated Exploits
Library Management System version 1.0 suffers from a remote SQL injection vulnerability.
-
Library CMS version 2.1.1 suffers from a cross-site scripting vulnerability.