Nmap Development mailing list archives
GSoC 2011 My Two Ideas(more accurate explanation of these ideas)
From: Eugene Melnichenko <my.email.eugene () gmail com>
Date: Thu, 24 Mar 2011 13:24:36 +0200
Hi!!!!! I recently wrote about my two ideas: 1. Possible threat category (keylogger, backdoor, etc.) and its level (Malware detection). 2. What programming language was used, a possible country of origin, etc. (Malware and Exploit). Here is a more accurate explanation of these ideas Now, in order: Definitions programming language and country of origin: As far as I know, the compiler makes an entry in the header of the executable file and the signature can be determined by the code of the initial installation. Possible countries of origin can try to determine on the comments in the code. Now about Possible threat category (keylogger, backdoor, etc.) and its level: I thought to make the original knowledge base, and once a week to update base new descriptions. If the user needs to the description, virus, spliots, keylogger, backdoor and etc. He chooses the necessary category and searches for necessary description. I also thought about the development of the scanner, in which this could all be realized (Definitions programming language and country of origin and Possible threat category (keylogger, backdoor, etc.) and its level). Knowledge base can be done separately (I think it will be useful). I have attached the files(documentation and my development(scanner). If they do not come tell me how send them to you?
Attachment:
Scaner.zip
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- GSoC 2011 My Two Ideas(more accurate explanation of these ideas) Eugene Melnichenko (Mar 24)
- Re: GSoC 2011 My Two Ideas(more accurate explanation of these ideas) Luis MartinGarcia. (Mar 24)