Dailydave mailing list archives

Re: iDEFENSE Labs Releases Malcode Analyst Pack


From: <dicktheft () hushmail com>
Date: Wed, 8 Jun 2005 20:31:19 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

What a bunch of stupid shit.  When are you going to have me release
a functional version of dltrace, you fat douche?

The public is anxious!


On Tue, 07 Jun 2005 15:38:27 -0700 Michael Sutton
<msutton () iDefense com> wrote:
iDEFENSE Labs has released a new open source package related to
malicious code analysis which is available for download from:

   http://labs.idefense.com

Authored by David Zimmer, the Malcode Analyst Pack contains the
following GUI driven utilities:

FakeDNS    - A minimal DNS server allowing the user to have all DNS
             queries resolve to a predefined IP.

IDCDumpFix - This tool can be used to associate API names to IAT
             addresses for IDA disassemblies of raw memory dumps. Fast,
             simple technique to get a readable disassembly for
             arbitrarily packed executables.

MailPot    - A small lab-quality tool for capturing e-mails sent out by
             trojans and mass mailers.

SCLog      - Shellcode research and testing application that loads and
             executes shellcode within the context of an API hooking
             framework. Provides a runtime output log of APIs called
             while blocking certain dangerous functions. (Not for use
             outside of lab VM environments).

ShellExt   - This utility adds three shell extensions to the Windows
             Explorer right-click context menu:

             1) "Decompile" context menu item is added for CHM files.

             2) "Strings" context menu is added for all files. This
                feature extracts all ASCII and Unicode strings from the
                specified file and displays the results in a popup
                form.

             3) "Hash Files" context menu is added for all folders. This
                feature displays the name, size and MD5 hash of all
                files in the specified folder in a popup form.

SniffHit   - A lightweight specialized HTTP/IRC sniffer designed to
             extract target communication data and present it in an
             easily viewable (and copy-able) interface.

SocketTool - A graphical TCP Client designed to allow the user to easily
             send text or binary data to a server, probing for
             functionality.

More information and source code are available in the bundled install
file.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkKnuAAACgkQyu64drXtiVCUXACeOAWYOPlVhu01NKvBqCef23CnS/UA
njDMps/YJxIVycj2xZGqQafXZgWw
=CNIo
-----END PGP SIGNATURE-----



