Things you can do with Wepawet:
- Determine if a page or file is malicious
- wepawet runs various analyses on the URLs or files that you submit. At the end of the analysis phase, it tells you whether the resource is malicious or benign and provides you with information that helps you understand why it was classified one way or the other.
- wepawet displays various pieces of information that greatly simplify the manual analysis and understanding of the behavior of malicious samples. For example, it gives access to the unobfuscated malicious code used in an attack. It also collects the URLs accessed by a sample.
- wepawet does not just tell you that a resource is malicious, it also shows you the exact vulnerability (or, more likely, the vulnerabilities) that are exploited during an attack.
I'm completing some research on what we feel will be the most important security issues in 2009. Please take a minute to respond to our poll.
Has anyone ever touched / seen / heard of an actual BIOS malware implementation? I've only read of malware that writes random data to the BIOS ROM.
I am guessing the BIOS manufacturers' implementations are too ambiguous for any generic infection method to work such as the methods used on PE / ELF / Boot sectors.
I'm curious about what sorts of tools people use to automate the process of reverse engineering malware binaries. I'm reasonably familiar with disassemblers (for static analysis), and emulators/VMs and debuggers (for dynamic analysis). The obvious problem is that static analyses are susceptible to various sorts of binary obfuscations, while dynamic analyses would seem to be susceptible to various sorts of anti-monitoring defenses, time bombs, logic bombs, etc.
I am a researcher working on Botnets and Malware. In the previous months I have been studying Storm. What I have learned from this experience was really useful, but I have also seen that there is a lot of improving to be done in the way Malware and Botnets are fought.
Participants should download the malware sample and analyze it. The end result should be a document containing details on the analysis performed. The analysis document can be written in any form, but the questions and statements below should be answered within it. Participants should note what questions are being answered.
All the rules here:
My name is Dante Allegro, and as the newest member of the team my job is to work with members of the commercial community who wish to purchase products and services from Offensive Computing.
If you or your company would like to utilize the Offensive Computing malware database in your commercial product, or if you have a specific job that you feel the Offensive Computing team can assist you with, please contact me and I will be quite happy to assist you.
As I am on the road quite a bit please contact me directly at dallegro ( at ) offensivecomputing.net.
Thanks! I am struggling to learn stuff, although I know certain other things.
I am semi new to this forum but would love to contribute where I can. I am interested in all aspects of PCs. Some I just have limited knowledge on.
Hi, I'm wondering if there are any purityscan droppers available. Also looking to find out what the exploit is that is used to use invalid characters for the filenames.
Anyone with info please let me know.
Thanks in advance.
Hi everyone, I am doing some research about viruses and worms and I would like to test a worm that would be capable of replicating itself and filling my disk, and I would also need a virus capable of causing important damage on Windows, rebooting it or something, but I can't find them, please help me.
Thanks a lot