Search the Community

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading header information from: MSDOS Header, COFF File Header, Optional Header, Section Table Reading PE structures: Imports, Resources, Exports, Debug Directory, Relocations, Delay Load Imports, Bound Imports Dumping of sections, resources, overlay, embedded ZIP, JAR or .class files Scanning for file format anomalies, including structural anomalies, deprecated, reserved, wrong or non-default values. Visualize PE file structure, local entropies and byteplot of the file with variable colors and sizes Calculate Shannon Entropy and Chi Squared for files and sections Calculate ImpHash and Rich and RichPV hash values for files and sections Parse RichHeader and verify checksum Calculate and verify Optional Header checksum Scan for PEiD signatures, internal file type signatures or your own signature database Scan for Jar to EXE wrapper (e.g. exe4j, jsmooth, jar2exe, launch4j) Extract Unicode and ASCII strings contained in the file Extraction and conversion of .ICO files from icons in the resource section Extraction of version information and manifest from the file Reading .NET metadata and streams (Alpha) [hide][Hidden Content]]

[Hidden Content] CodeCat - tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Current rules for C,C++,GO,Python,javascript,Swift,PHP,Ruby,ASP,Kotlin,Dart and Java. [Hidden Content] [Hidden Content]

IDA2Obj is a tool to implement SBI (Static Binary Instrumentation). The working flow is simple: Dump object files (COFF) directly from one executable binary. Link the object files into a new binary, almost the same as the old one. During the dumping process, you can insert any data/code at any location. SBI is just one of the using scenarios, especially useful for black-box fuzzing. [hide][Hidden Content]]

This tool allows to statically analysis windows, Linux, osx, executables, and also APK files. You can get: What DLL files are used. Functions and API. Sections and segments. URLs, IP addresses, and emails. Android permissions. File extensions and their names. And so on… [hide][Hidden Content]]

Proxies: Yes Bots: 100 Email:Pass Capture: Username / Subscription / Subscription Name Free = Custom [hide][Hidden Content]]

VMProtect? Nope. NoVmp is a project devirtualizing VMProtect x64 3.0 - 3.5 (latest) into optimized VTIL and optionally recompiling back to x64 using the Virtual-machine Translation Intermediate Language library. It is rather experimental and is mostly a PoC I wanted to release. Most things can be improved especially with the new NativeLifters repo, but it did not exist back in the time this was written. [hide][Hidden Content]]

What is BinCAT? BinCAT is a static Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA or using Python for automation. It features: value analysis (registers and memory) taint analysis type reconstruction and propagation backward and forward analysis use-after-free and double-free detection [HIDE][Hidden Content]]

Typo3 CMS Static Info Tables extension version 6.7.3 suffers from a database disclosure vulnerability. View the full article