Friday, May 3, 2013

Today I want to share a new tool that I was testing, its name is "Malwasm", this is a tool based on Cuckoo Sandbox. 

Malwasm was designed to help people that do reverse engineering. Malwasm step by step: 
  • The malware to analyse is executed through Cuckoo Sandbox
  • During the execution, malwasm logs all activites of the malware with pintool
  • All activities are stored in a database (Postgres)
  • A web service is available to visualize and manage the data stored in the database
Features
Malwasm provides these features: 
  • Offline programs debugging
  • Possibility to go back or forward in the execution's time (with a time slide bar)
  • States of registers and flags
  • Values of the stack/heap/data
  • "Following dump" options
  • Fully works in the browser 
In Figure 1 you can see how it works with a sample:
Figure 1: Malwasm running a Malware Sample

After all this introduction here are the links:

Hope You like It!  =)

1 comment:

  1. Very Nice Blog!!

    This blog has very helpful information for all blog reader. I mean this informative information is very necessary in information technology for safety and security of your personal information.

    Keep sharing...

    Thanks

    Malware Reverse Engineering

    ReplyDelete