posted in External tools on Jan 4th, 2010
I just read about Malheur, a tool designed for malware analysis. It looks interesting. I don’t know what other tools like this one are out there (if you know of any, please leave a comment), but it is worth a few minutes to read through their page. After thinking for a few minutes about their approach using [...]
posted in External tools on Nov 23rd, 2009
Tool name: TrueCrypt
Description: TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted drive. On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without [...]
posted in External tools on Nov 15th, 2009
Tool name: Hping
Description: This handy little utility assembles and sends custom ICMP, UDP, or TCP packets and then displays any replies. It was inspired by the ping command, but offers far more control over the probes sent. It also has a handy traceroute mode and supports IP fragmentation. [...]
posted in C, External tools, Worm sources on Nov 13th, 2009
Name: Win32/Blaster/Worm (Lovsan, Lovesan)
Type: Spreader, Worm
Author: Unknown
Written in: C
Description: This worm was very active in 2003. It spread via an RPC vulnerability and executed a DoS attack on a specific date. The code is well structured and easy to read and understand. [...]
posted in C, External tools, Worm sources on Nov 8th, 2009
Name: Win32/ogw0rm
Type: Spreader, Worm
Author: Unknown
Written in: C
Description: Ogw0rm is a good example of how malware propagates itself via Instant Messaging apps. It checks the process list for running IM applications and propagates itself by sending messages to new victims. It shows how [...]