Thread: Automated Malware Analysis

  1. #1
    Member imported_anubis2k7's Avatar
    Join Date
    Jun 2006
    Posts
    115

    Automated Malware Analysis

    Any suggestions on an automated static binary/malware analyzer? Kinda like automating basic IDAPro evaluations. On a basic level, dumping strings, comparing blocks, etc. More advanced features could be, i.e., evaluating program branches, comparing execution flow. Would there be an easy way/method to compare two binaries and be able to definitively say how much code both had in common?

    I guess something like ZeroWine only using a static analysis would be good.

    thnx
    "Sure is for people with nothing on the line.....you and me? We just get on with it."

    -Garabaldi

  2. #2
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Not sure if that is what you are looking for, but I recently found this tool.
    Tiocfaidh ár lá

  3. #3
    prowl3r
    Guest

    I've not used it but many forensics guys seem to appreciate Responder, by HBGary. (Commercial and expensive stuff, field and pro versions).

    Forensic Incident Response: Responder Pro - A review

  4. #4
    Just burned his ISO
    Join Date
    May 2007
    Posts
    4

    In addition to "Buster", you might also take a look at tools like PEiD, Quick Unpack, TitanEngine, or even better - Ether, which are all featured at pentestit.com. Yes, I am the owner.

    I prefer PEiD to detect, then use TitanEngine/Ether to actually work.
