A Method for Detecting Obfuscated Calls in Malicious Binaries Author : Arun Lakhotia + Eric Uday Kumar + and Michael Venable Description Information about calls to the operating system (or kernel libraries) made by a binary executable may be used to determine whether the binary is malicious. Being aware of this approach, malicious programmers hide [...]
Search – Tìm kiếm
Pages
-
Recent Posts – Bài mới
- Silence’s Unpacking Tour: The Enigma Protector (vol.1)
- Keygenning GameShield/SoftwareShield Applications
- Cracking basic with IDA Pro
- Oreans UnVirtualizer ODBG Plug-in (WL/TMD/CV)
- [GUIDE] Zero day malware cleaning with Sysinternals tools
- Free IDA Pro Binary Auditing Training Material for University Lectures
- IDA Pro Book, 2nd Edition
- Stud_PE 2.6.0.6
- Practical Malware Analysis
- Armadillo – ECDSA Patching
-
Bình luận gần nhất
kienmanowar on Cracking basic with IDA P… hoangtuanvnvn on Cracking basic with IDA P… strongrage on OllyDBG_tut22!! strongrage on OllyDBG_tut22!! Muatuyet_f4 on Keygenning GameShield/Software… Các bài đã đăng
- April 2012 (3)
- March 2012 (6)
- February 2012 (1)
- January 2012 (5)
- December 2011 (3)
- October 2011 (1)
- September 2011 (2)
- August 2011 (2)
- July 2011 (3)
- May 2011 (4)
- January 2011 (1)
- December 2010 (1)
- October 2010 (1)
- September 2010 (3)
- August 2010 (3)
- July 2010 (1)
- June 2010 (4)
- May 2010 (1)
- April 2010 (5)
- March 2010 (4)
- February 2010 (5)
- January 2010 (19)
- December 2009 (8)
- November 2009 (1)
- August 2009 (1)
- July 2009 (1)
- May 2009 (2)
- April 2009 (6)
- March 2009 (17)
- February 2009 (10)
- January 2009 (13)
- December 2008 (11)
- November 2008 (12)
- October 2008 (17)
- September 2008 (51)
Categories
- 2011 in review (1)
- Free IDA Pro Binary Auditing Training Material for University Lectures (1)
- Linux (11)
- Auto start vmware script (1)
- BackTrack 4 Beta is out (1)
- FluxBox cho BackTrack Beta 4 (2)
- Artwiz font (1)
- Hướng dẫn : Sử dụng chương trình Scuba để rà soát security cho Oracle Database (1)
- Hướng dẫn cài đặt BackTrack (1)
- Installing Oracle 9i on RHEL5. (1)
- Linux RCE Starting Guide from SilkCut (1)
- Some tutor about using BackTrack (2)
- Truy vấn thông tin các Patch đã được apply vào OracleDB (1)
- Movie (10)
- Music (4)
- My Tutorials (21)
- Command Line Plugin (1)
- Fix Foxit Reader (1)
- Fix Foxit Reader_Part2 (1)
- How to crack BlackBerry App! (1)
- IDA Tutorials (5)
- Keygen Tutorials (5)
- PE Tutorials (1)
- Sử dụng IceSword để Remove Rootkits (1)
- Solution for KeyGenMe_by_ZeroTen_#1 (1)
- Solution for KLiZMA's UnpackMe #1 (1)
- Solution for NrZ0e1's CrackMe #1 (1)
- Solution for Zart's mishka tribute (1)
- OllyDbg Tutorials (38)
- OllyDbg tut_1 (1)
- OllyDbg tut_10 (1)
- OllyDbg tut_11 (1)
- OllyDbg tut_12 (1)
- OllyDbg tut_13 (1)
- OllyDbg tut_14 (1)
- OllyDbg tut_15 (1)
- OllyDbg tut_2 (1)
- OllyDbg tut_3 (1)
- OllyDbg tut_4 (1)
- OllyDbg tut_5 (1)
- OllyDbg tut_6 (1)
- OllyDbg tut_7 (1)
- OllyDbg tut_8 (1)
- OllyDbg tut_9 (1)
- OllyDBg_tut16 (1)
- OllyDbg_tut17 (1)
- OllyDbg_tut18 (1)
- OllyDbg_tut19 (1)
- OllyDbg_tut20 (1)
- OllyDbg_tut21 (1)
- OllyDbg_tut22 (1)
- Other Tutorials (70)
- A Method for Detecting Obfuscated Calls in Malicious Binaries (1)
- Advanced Windows Debugging – Part 1 (1)
- Advanced Windows Debugging – Part 2 (1)
- An Exercise in RSA Reversal (RSA128 + MD5) (1)
- Anti-Reverse Engineering Guide (1)
- Anti-Unpacker Tricks 2 – Part 8 (1)
- Armadillo – ECDSA Patching (1)
- Armadillo 5.xx – 8.xx (Password Patcher) (1)
- Armadillo 7.00 (CopyMem2 + Import Elimination + Strategic Code Splicing) (1)
- Automatic Binary Deobfuscation (1)
- Basic of Reversing by c0lo!! (1)
- Basic types of software of protection (1)
- Code Obfuscation and Malware Detection (1)
- Cracking basic with IDA Pro (1)
- Debug tutorial (1)
- Decompilers and Beyond (1)
- Discovering Variables in Executables (1)
- ExeCryptor 2.4.x (Tips and Tricks) (1)
- Hex-Rays Decompiler Video Demo for IDA (1)
- IDA Pro Book (1)
- IDA Pro Demo Video (1)
- Inference and Analysis of Formal Models of Botnet (1)
- Introduction to File Infection Techniques (1)
- Java Reversing (1)
- Kernel Malware – The Attack from Within (1)
- Keygenning GameShield (1)
- Lần đầu với software của android OS (1)
- Make IDA Sig (1)
- Mass Malware Analysis – A Do It Yourself Kit (1)
- Olly Schemes-Căn chỉnh màu cho Olly (1)
- OllyEye plug-in (1)
- Primer on Android OS Reversing (1)
- Private exe Protector unpacking (1)
- Reverse Engineering of the Android File System (1)
- Reverse Engineering with OllySocketTrace (1)
- Reversing C++ programs with IDA pro and Hex-rays (1)
- REVERSING GENERALS – PART III (1)
- REVERSING-GENERALS (Phần I) (1)
- REVERSING-GENERALS (Phần II) (1)
- RLPack 1.21 + WinLicense 2.0x (Unpacking) (1)
- Run TTProtect v1.05 in OllyDbg! (1)
- Silence's Unpacking Tour: The Enigma Protector (vol.1) (1)
- Theories and Methods of Code-Caves (1)
- TLS Callback in VC++ (1)
- Underhood on Armadillo License Removal (1)
- Unofficial Reversing On The S40 Revealed (Part 1) (1)
- Yahoo Archive Decode (1)
- [ARTUT] Manual Unpack and Fix of PECompact 2xx-3xx (1)
- Practical Malware Analysis (1)
- RE Tools (61)
- Arma Raider 3.3 (1)
- Armadillo v6.xx Finger-Print-Patcher V0.1 (1)
- BitDiffer 1.3.0.13 – most cattle DLL Library comparison tool! (1)
- CodeWalker: Another AntiRootkit Tool (1)
- Delphi Decompiler 1.1.0.194 (1)
- Exeinfo for Win32 by A.S.L (1)
- FileAlyzer 1.6.0.4 (1)
- IDA Stealth Plugin (1)
- Msieve 1.39 + GUI 1.1 (1)
- OllyDbg – EvO_DBG (1)
- OllyDbg 2.0.1.1 (Final) (1)
- OllyDbg 2.01 alpha 4 (1)
- Ollydbg moded for Execryptor & THEMIDA (1)
- Oreans UnVirtualizer 1.3 (1)
- Oreans UnVirtualizer ODBG Plug-in (1)
- Overaly type detector/Extractor/Viewer (PEiD Plugin), Under SEH TM (1)
- P32Dasm (1)
- PatchDiff2 (1)
- PEiD v0.95 Build date: Oct 21, 2008 (1)
- Phantom 1.45 (1)
- PROTECTiON iD v6.1.3 (1)
- ResEdit 1.4.4.16 (1)
- StrongOD v0.18 [2008.09.18] (1)
- Stud_PE 2.6.0.6 (1)
- Trial-Reset 3.4 Final (1)
- Universal Import Fixer (UIF) v1.2 (FINAL) (1)
- VB Decompiler (1)
- WinHex (1)
- x64 SEH & Explorer Suite Update (1)
- REA_Books (3)
- Reverse Engineering of Object Oriented Code (1)
- Sysinternals (1)
- Uncategorized (16)
- Dây rock! (1)
-
Top Posts
-
Statistics - Lượt truy cập
- 228,810 hits
Lịch
May 2012 M T W T F S S « Apr 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
