Today I want to share a new tool that I was testing. Its name is "Malwasm", and it is based on Cuckoo Sandbox.
Malwasm was designed to help people who do reverse engineering. Malwasm step by step:
- The malware to analyse is executed through Cuckoo Sandbox
- During the execution, Malwasm logs all activities of the malware with pintool
- All activities are stored in a database (Postgres)
- A web service is available to visualize and manage the data stored in the database
Malwasm provides these features:
- Offline programs debugging
- Possibility to go back or forward in the execution's time (with a time slide bar)
- States of registers and flags
- Values of the stack/heap/data
- "Following dump" options
- Fully works in the browser
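The sketch below is an added example, not Malwasm's own code: it shows how a per-instruction trace stored in a database lets an analyst move back and forward in execution time without re-running the sample. The table layout, column names and sample trace are assumptions made for illustration, and SQLite stands in for Postgres so the example runs offline.

```python
import sqlite3

# Constructed sample trace (not real malware); registers are the values AFTER each instruction.
INS = [  # (step, eip, asm, eax, esp)
    (0, 0x401000, "mov eax, 0x41", 0x41, 0x12FF00),
    (1, 0x401005, "push eax", 0x41, 0x12FEFC),
    (2, 0x401006, "xor eax, 0x20", 0x61, 0x12FEFC),
    (3, 0x401009, "mov [esp], eax", 0x61, 0x12FEFC),
    (4, 0x40100C, "pop eax", 0x61, 0x12FF00),
]
# Memory writes the tracer logged: (step, address, 32-bit value written)
WRITES = [(1, 0x12FEFC, 0x41), (3, 0x12FEFC, 0x61)]

def open_trace():
    """Load the constructed trace into an in-memory database (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE ins (step INTEGER PRIMARY KEY, eip INTEGER, asm TEXT, eax INTEGER, esp INTEGER)")
    conn.execute("CREATE TABLE memwrite (step INTEGER, addr INTEGER, value INTEGER)")
    conn.executemany("INSERT INTO ins VALUES (?,?,?,?,?)", INS)
    conn.executemany("INSERT INTO memwrite VALUES (?,?,?)", WRITES)
    return conn

def state_at(conn, step):
    """Return registers and known memory as they were right after instruction `step`."""
    row = conn.execute(
        "SELECT eip, asm, eax, esp FROM ins WHERE step = ?", (step,)).fetchone()
    if row is None:
        raise IndexError(f"step {step} is outside the recorded trace")
    eip, asm, eax, esp = row
    memory = {}
    # Replay only the writes made up to this step; later writes overwrite earlier ones.
    for addr, value in conn.execute(
            "SELECT addr, value FROM memwrite WHERE step <= ? ORDER BY step", (step,)):
        memory[addr] = value
    return {"eip": eip, "asm": asm, "eax": eax, "esp": esp, "memory": memory}

if __name__ == "__main__":
    conn = open_trace()
    for step in (4, 2, 0):  # moving the "time slider" backwards
        s = state_at(conn, step)
        mem = {hex(a): hex(v) for a, v in s["memory"].items()}
        print(f"step {step}: {s['asm']:<16} eax={s['eax']:#x} esp={s['esp']:#x} mem={mem}")
```

Because every state is rebuilt from logged rows, jumping to an earlier step is just another query; the sample itself is never executed again.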
In Figure 1 you can see how it works with a sample:
Figure 1: Malwasm running a Malware Sample
After all this introduction, here are the links:
Hope you like it! =)