The ultimate anti-spam application, which:
1) displays and deletes emails before they have been downloaded
2) publicly blacklists the deleted spam
3) drives spammers and mail marketing experts to despair
4) displays emails in their original form, complete with source code
I will publish the link soon...
Author
MORE TIPS>
http://winmerge.org/
http://orwelldevcpp.blogspot.com/
Sandboxes for malware analysis:
https://www.raymond.cc/blog/analyze-suspicious-exe-files-with-comodo-instant-malware-analysis/
https://www.hybrid-analysis.com/
https://cuckoosandbox.org/
https://www.threattrack.com/
https://www.joesandbox.com/
Sandboxes that can detect the malware (ordered by name):
- Anlyz https://sandbox.anlyz.io
Result: Malicious
- Any.run https://app.any.run
Result: Malicious Activity
- Comodo Valkyrie (https://valkyrie.comodo.com)
Result: Malware
- Hybrid Analysis (Falcon Sandbox) (http://www.hybrid-analysis.com/)
Result: Malicious (100/100)
- Intezer Analyze https://www.intezer.com
Result: Malicious
- SecondWrite Malware Deepview https://www.secondwrite.com
Result: Malicious
- ViCheck https://vicheck.ca/ (static analysis)
Result: Infected
Sandboxes that cannot detect the malware (ordered by name):
- Jevereg (Amnpardaz Sandbox) http://jevereg.amnpardaz.com/
Result: File could not be analyzed
- IObit Cloud http://cloud.iobit.com
Result: Safe
Discontinued / Down sandboxes:
- Anubis http://anubis.iseclab.org/ (discontinued)
- BinaryGuard (TBM Cloud Sandbox) http://www.binaryguard.com
Tried to register, but its website does not work.
- BitBlaze http://bitblaze.cs.berkeley.edu/ (discontinued)
- Comodo Instant Malware Analysis http://camas.comodo.com/ (discontinued)
- Deepviz (https://sandbox.deepviz.com/) (services cannot be subscribed anymore)
- Eureka http://eureka.cyber-ta.org/ (discontinued)
- Malwr (Cuckoo Sandbox) (http://malwr.com/) (down)
- ThreatExpert Automated Threat Analysis (redirects to symantec.com) (http://www.threatexpert.com/)
- Viper https://viper.malwareconfig.com/ (down)
Trial requested:
- ThreatTrack ThreatAnalyzer https://www.threattrack.com/malware-analysis.aspx
- VMRay Analyzer https://www.vmray.com
Static File Analyzers:
I tested the following static file analyzers with an RTF document that exploits an Adobe Flash vulnerability, CVE-2016-4117:
- Malware Tracker Cryptam Document Scanner (http://www.malwaretracker.com/doc.php)
Supported file types: Office files.
Result: Malware
- ViCheck https://vicheck.ca/
Result: It detects the file as Office malware, but identifies it with the wrong CVE.
- XecScan (http://scan.xecure-lab.com/)
Supported file types: PDF and Office files.
Result: It cannot analyse the malware and returns the following message: “Sorry, Invalid file size!”
- MASTIFF Online (https://mastiff-online.korelogic.com)
Result: It cannot detect the malware.
- Malware Tracker PDF Examiner (http://www.malwaretracker.com/pdf.php)
Supported file types: PDF files.
Android Sandboxes / Analyzers:
- Akana http://akana.mobiseclab.org
- AndroTotal https://andrototal.org
- SandDroid http://sanddroid.xjtu.edu.cn
- Nviso https://apkscan.nviso.be/
Linux Sandboxes:
- Detux Multiplatform Linux Sandbox http://detux.org/
Süleyman Özarslan (Picus Security http://picussecurity.com)
Twitter: su13ym4n E-mail: suleyman at picussecurity com