|
SPIKEfile
|
|
Hits: 31 |
|
Date added: 05/27/2006 |
|
SPIKEfile is a Linux-based file format fuzzing tool, based on SPIKE 2.9. It was designed to automate launching applications and detecting exceptions caused by fuzzed file formats. |
|
|
|
|
SysAnalyzer
|
|
Hits: 164 |
|
Date added: 05/05/2006 |
|
SysAnalyzer is an automated malcode runtime analysis application that monitors various aspects of system and process states.
SysAnalyzer was designed to enable analysts to quickly build a comprehensive report as to the actions a binary takes on a system.
SysAnalyzer can automatically monitor and compare:
* Running Processes
* Open Ports
* Loaded Drivers
* Injected Libraries
* Key Registry Changes
* APIs called by a target process
* File Modifications
* HTTP, IRC, and DNS traffic
SysAnalyzer also comes with a ProcessAnalyzer tool which can perform the following tasks:
* Create a memory dump of the target process
* Parse the memory dump for strings
* Parse the strings output for exe, reg, and url references
* Scan the memory dump for known exploit signatures |
|
|
|
|
Malcode Analyst Pack
|
|
Hits: 53 |
|
Date added: 03/31/2006 |
|
The Malcode Analyst Pack contains a series of utilities that were found to be necessary tools while doing rapid malcode analysis.
Included in this package are:
• ShellExt - 4 Explorer shell extensions
• socketTool - manual TCP client for probing functionality
• MailPot - mail server capture pot
• fakeDNS - spoofs DNS responses to controlled IPs
• sniff_hit - HTTP, IRC, and DNS sniffer
• sclog - shellcode research and analysis application
• IDCDumpFix - aids in quick RE of packed applications
• Shellcode2Exe - embeds multiple shellcode formats in exe husk
• GdiProcs - detects hidden processes |
|
|
|
|
ShellCode_setuid_execve.c
|
|
Hits: 22 |
|
Date added: 12/15/2005 |
|
Simple linux/i386 shellcode that executes /bin/sh after a setuid(0). |
|
|
|
|
ShellCode Injecter v0.1
|
|
Hits: 32 |
|
Date added: 12/12/2005 |
|
ShellCode Injecter is a simple linux/i386 tool that injects shellcode into any system process (except init) and redirects the execution flow to it. |
|
|
|