nganhkhoa/mether049-malware
1
0
Fork 0
mirror of https://github.com/nganhkhoa/malware.git synced 2024-06-10 21:32:07 +07:00
Code Issues Projects Releases Wiki Activity

Update malware-analysis_ref_and_memo.md

Browse Source
This commit is contained in:
mether049 2020-03-02 20:14:33 +09:00 committed by GitHub
parent 46edd5e36e
commit 394d746c04
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
malware-analysis_ref_and_memo.md
View File

@ -23,7 +23,7 @@ DFIR,マルウェア解析OSINTに特化したUbuntuベースのディスト
|IDA pro||(Not free)||||||| |IDA pro||(Not free)|||||||
|Binary Ninja||||||||| |Binary Ninja|||||||||
|Cutter||r2dec,r2ghidra|native<br>gdb<br>windbg<br>etc.|[INTRO TO CUTTER FOR MALWARE ANALYSIS(2019-03)](https://malwology.com/2019/03/14/intro-to-cutter-for-malware-analysis/)<br>[megabeets.net](https://www.megabeets.net/?s=cutter)<br>[Cutter: Presenting r2ghidra Decompiler,r2con 2019](https://www.youtube.com/watch?v=eHtMiezr7l8&list=LLTk6-mAiILdt3V27uab14LA&index=8&t=0s)||||| |Cutter||r2dec,r2ghidra|native<br>gdb<br>windbg<br>etc.|[INTRO TO CUTTER FOR MALWARE ANALYSIS(2019-03)](https://malwology.com/2019/03/14/intro-to-cutter-for-malware-analysis/)<br>[megabeets.net](https://www.megabeets.net/?s=cutter)<br>[Cutter: Presenting r2ghidra Decompiler,r2con 2019](https://www.youtube.com/watch?v=eHtMiezr7l8&list=LLTk6-mAiILdt3V27uab14LA&index=8&t=0s)|||||
|Ghidra||||[Reversing WannaCry Part 2 - Diving into the malware with #Ghidra,youtube](https://www.youtube.com/watch?v=Q90uZS3taG0)<br>[cheetsheet](https://www.oldergeeks.com/downloads/file.php?id=2767)||||| |Ghidra||||[Reversing WannaCry Part 2 - Diving into the malware with #Ghidra,youtube](https://www.youtube.com/watch?v=Q90uZS3taG0)<br>[cheetsheet](https://www.oldergeeks.com/downloads/file.php?id=2767)<br>[Scripting in Ghidra, Patching MacOS Image2Icon](https://duraki.github.io/posts/o/20200227-ghidra-scripting-image2icon.html)<br>[]()|||||
|x64/x32dbg||Snowman||||||| |x64/x32dbg||Snowman|||||||
|WinDbg||||||||| |WinDbg|||||||||
|GDB||||||||| |GDB|||||||||
@ -212,6 +212,7 @@ echo $child_process
|Triage|https://tria.ge/|| |Triage|https://tria.ge/||
|Yomi Sandbox|https://yomi.yoroi.company/upload|| |Yomi Sandbox|https://yomi.yoroi.company/upload||
|UnpacMe|https://www.unpac.me/#/|online unpacker,beta,<br>extracting embedded AutoIT Script,<br> extracting URL from VB6 downloader(GuLoader)| |UnpacMe|https://www.unpac.me/#/|online unpacker,beta,<br>extracting embedded AutoIT Script,<br> extracting URL from VB6 downloader(GuLoader)|
|MalwareConifg|https://malwareconfig.com/|特定マルウェアからconfig情報を抽出|
### Unpacker/Decryptor/Decoder/Extractor/Memory Scanner ### Unpacker/Decryptor/Decoder/Extractor/Memory Scanner
- [TAFOF-Unpacker](https://github.com/Tera0017/TAFOF-Unpacker)<br> - [TAFOF-Unpacker](https://github.com/Tera0017/TAFOF-Unpacker)<br>