4 projects tagged "malware"
Updated 01 Nov 2011
radare
| Pop | 158.81 |
|---|---|
| Vit | 4.88 |
radare2 aims to create a complete, portable, multi-architecture, Unix-like toolchain for reverse engineering. It is composed of a hexadecimal editor (radare) with a wrapped I/O layer supporting multiple backends for local/remote files, debugger (OS X, BSD, Linux, W32), stream analyzer, assembler/disassembler (rasm) for x86, ARM, PPC, m68k, Java, MSIL, and SPARC, code analysis modules, and scripting facilities. It also has a bindiffer named radiff, base converter (rax), a shellcode development helper (rasc), a binary information extractor supporting PE, Mach0, ELF, class, etc. named rabin, and a block-based hash utility called rahash. Radare was rewritten as radare2, and the old version is only maintained for bugfixes.
Updated 15 Jun 2009
ClamAV Unofficial Signatures Updater
| Pop | 34.41 |
|---|---|
| Vit | 38.14 |
ClamAV Unofficial Signatures Updater is a script that provides a simple way to download, test, and use third-party ClamAV signatures. It checks for updated unofficial clamav signature database files and can download them. It randomizes download time to help distribute the load more evenly for the database host mirror sites. Signature bypass entries can be created for temporarily resolving false-positive issues with third-party signatures. It can report which mirror site a download came from. It reports if a downloaded database is actually different than the running copy. Many other features are supported.
Updated 03 Feb 2011
malmon
| Pop | 33.72 |
|---|---|
| Vit | 1.01 |
malmon is a realtime backdoor/exploit detection and removal daemon. It uses inotify (pyinotify) to monitor file activity in one or more directories and checks files smaller than a size specified in configuration file. It's appropriate for hosting servers.
Updated 24 Jan 2012
Bokken
| Pop | 67.82 |
|---|---|
| Vit | 2.00 |
Bokken is a GUI for the Pyew and Radare2 projects. It provides an interface to almost all the features of Pyew, and many in radare2. It's intended to be a multi-architecture disassembler and binary analysis tool, and maybe some day an alternative for commercial alternatives as IDA Pro. Currently, Bokken is neither a hexadecimal editor nor a full featured disassembler, so it should not be used for deep code analysis or for modifying files.
