Full Disclosure mailing list archives
new offensivecomputing site features
From: valsmith <valsmith () metasploit com>
Date: Tue, 13 Jun 2006 10:02:07 -0600
Hey there, Just wanted to let you all know about the latest OffensiveComputing developments. The OC team has been hard at work and our automated malware analysis engine is up and running. If you log into the site you can see two new tools. One is the malware upload and one is the malware search. The malware upload allows you to upload a windows PE file and have it processed by our engine. The malware search will let you enter a checksum, name or other information and search our database for reports on malware. The autoanalysis provides the following functionality: - File type - Packer detection - various AV detection - strings - disassembly - PE info (sections, headers, imports) - checksums (md5, sha1, sha256) And when searching you can also download a zipped / password protected sample of the malware. All of these features are "as possible" meaning that some malware can't be automatically analyzed in all ways. The site is still free for all to use and we are continuing to add more automation and features. Feedback is always welcome. http://www.offensivecomputing.net V.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- new offensivecomputing site features valsmith (Jun 13)