5 projects tagged "malware"

Download Website Updated 01 Nov 2011 radare

Pop 145.92
Vit 4.14

radare2 aims to create a complete, portable, multi-architecture, Unix-like toolchain for reverse engineering. It is composed of a hexadecimal editor (radare) with a wrapped I/O layer supporting multiple backends for local/remote files, a debugger (OS X, BSD, Linux, W32), a stream analyzer, an assembler/disassembler (rasm) for x86, ARM, PPC, m68k, Java, MSIL, and SPARC, code analysis modules, and scripting facilities. It also has a bindiffer named radiff, a base converter (rax), a shellcode development helper (rasc), a binary information extractor named rabin that supports PE, Mach-O, ELF, class, etc., and a block-based hash utility called rahash. Radare was rewritten as radare2, and the old version is only maintained for bugfixes.

Download Website Updated 24 Jan 2012 Bokken

Pop 76.09
Vit 1.89

Bokken is a GUI for the Pyew and Radare2 projects. It provides an interface to almost all the features of Pyew, and many of those in radare2. It's intended to be a multi-architecture disassembler and binary analysis tool, and maybe some day an alternative to commercial tools such as IDA Pro. Currently, Bokken is neither a hexadecimal editor nor a full-featured disassembler, so it should not be used for deep code analysis or for modifying files.

No download No website Updated 04 Mar 2014 AntiJOP

Pop 91.67
Vit 1.01

AntiJOP is an anti-malware solution that recodes assembly language to remove JOP attack gadgets. JOP attacks on x86 often hinge on the availability of 0xFF bytes in preexisting code, which can be co-opted to serve as register-indirect call instructions. AntiJOP removes instances of 0xFF bytes that may exist, for example, in immediate values, ModR/M bytes, etc.

No download Website Updated 03 Feb 2011 malmon

Pop 32.63
Vit 1.00

malmon is a real-time backdoor/exploit detection and removal daemon. It uses inotify (pyinotify) to monitor file activity in one or more directories and checks files smaller than a size specified in the configuration file. It's appropriate for hosting servers.

Download Website Updated 08 Feb 2011 Bluepot

Pop 48.74
Vit 1.00

Bluepot is a Bluetooth honeypot. It is designed to accept and store any malware sent to it and to interact with common Bluetooth attacks such as “BlueBugging” and “BlueSnarfing”. Bluetooth connectivity is provided via hardware Bluetooth dongles. The system also allows monitoring of attacks via a graphical user interface that provides graphs, lists, a dashboard, and further detailed analysis from log files. The system is also highly configurable through said interface.
