scan & analysing tools
Get flash to fully experience Pearltrees
yara-project - A malware identification and classification tool
YARA in a nutshell YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic.
RIPS is a tool written in PHP to find vulnerabilities in PHP applications using static code analysis. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by userinput (influenced by a malicious user) during the program flow. Besides the structured output of found vulnerabilities RIPS also offers an integrated code audit framework for further manual analysis.
RIPS - free PHP security scanner using static code analysis
Protect Your Interwebs
Similar to operating system fingerprinting, this technique uses unique fingerprints that are available on each version of a web application to determine which one is being used. What these fingerprints are, depend on the web application, but generally we can use .js (javascript) , .css and a few other files that are available and we can access the source remotely. We can't do the same with .php, because it will not return the source (only the executed output).BFT - Browser forensic tool is a software that will search in all kind of browser history even that are archived in a few seconds.It will retrieve URLS and Title with the chosen keywords of all matching search.We can use default example profiles or create yours, with thematic search on a single click. This tool come from the Developer of Famous DarkComet RAT Tool.
BFT a Browser forensic tool — PenTestIT
Labs Research: Solving a Little Mystery
Firmware analysis is a fascinating area within the vast world of reverse engineering, although not very extended. Sometimes you end up in an impasse until noticing a minor (or major) detail you initially overlooked. That's why sharing methods and findings is a great way to advance into this field.
With the continued growth of your organization, the people and hardware deployed to ensure that it remains in working order is essential, yet the threat picture of your “environment” is not always clear or complete. In fact, most often it’s not what we know that is harmful - it’s what we don’t know that causes the most damage. This being stated, how do you develop a clear profile of what the current deployment of your infrastructure resembles? What are the cutting edge tool platforms designed to offer the granularity essential to understand the complexity of your network, both physical and resource based? Maltego is a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates. Maltego’s unique advantage is to demonstrate the complexity and severity of single points of failure as well as trust relationships that exist currently within the scope of your infrastructure.
Maltego 3 > Maltego Client
Code Exploration Blog
Today, I'm happy to release CodeSensor, a tool I have been working on for a while: CodeSensor may be useful for you to extract facts from C/C++ code in situations where you do not have a working build-environment. Its goal is to return meta information about source code in a format suitable for further processing using UNIX command line tools and simple scripts. As you can see, the output contains several constructs CodeSensor has recognized, displaying the construct-type as well as start- and end- positions in the first three columns.
jsunpack-n - A generic JavaScript unpacker - Google Project Hosting
jsunpack-n emulates browser functionality when visiting a URL. It's purpose is to detect exploits that target browser and browser plug-in vulnerabilities. It accepts many different types of input: This project contains the source code which runs at the website http://jsunpack.jeek.org/ .theHarvester is a tool to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. Searching for user names that works in the company microsoft, we use google as search engine, so we need to specify the limit of results we want to use:
theHarvester – Gather E-mail Accounts, Subdomains, Hosts, Employee Names – Information Gathering Tool | Darknet - The Darkside
Как расшифровать PHP-скрипт | Raz0r.name — блог о web-безопасности
Тема декодирования зашифрованных PHP-скриптов уже однажды мной затрагивалась в посте PHP и зашифрованный код . В нем я описал способ получения значений всех инициализированных переменных и списка объявленных функций в скрипте, зашифрованным протектором ionCube. Тогда, в 2009 году, расшифровать скрипт под ionCube было проблематично – на тот момент существовали лишь платные сервисы.
How do I perform a stack trace search ? Clicking the checkbox labeled "Stack Trace Search" on the GrepCode home page provides a text area where you can paste your Java stack trace. Doing a search after that will take you to a page with the results of your stack trace search. Alternatively, if you are not on the main page, you can click on the link in the header labeled "Stack Trace Search", and perform the same search.