ALERT!
Click here to register with a few steps and explore all our cool stuff we have to offer!
Home
Upgrade
Credits
Help
Search
Awards
Achievements
 3648

part2

by Nix - 01-15-2016 - 07:33 PM
#1
[spoiler=Dashlane]
[Image: 1MEKohJ.png]
"Dashlane is basically a password manager. This is mainly just to assure that your passwords does not constitute a vulnerability against bruteforce attacks. Everyone that uses the web today faces some version of the password problem. Many know that their passwords are unsafe, either because they’re trivial to crack or they’re reused on several websites. Many others forget their passwords and stop using services, or shy away from new online services altogether – because remembering passwords and registering for new websites with new passwords is a pain. And these folks are also constantly annoyed by having to type out long strings of meaningless numbers, dates, and codes to conduct a simple act of buying online (or even more painfully, on their mobile device) – an act that is as simple as a swipe in the physical world. We created Dashlane to solve these problems with one neat solution that is simple, secure, and universal. Our users don’t trade security for convenience – they get both. We created Dashlane because we are on a mission to fix the internet.

Password Manager Feature
"Keeping track of passwords and making them secure is startlingly simple with Dashlane’s free password manager. Automatically import your passwords from Chrome or any other browser into your secure password vault. Save any missing passwords as you browse. Make a new password right within your browser. Get automatic alerts when websites get breached. And with our auto-login, you will never have to type any password on any of your devices again. It’s that simple."

Autofill Feature
"Smart form autofill that works – not some of the time, or even most of the time – every time. Stop wasting time checking if everything filled right, and correcting all the mistakes. Stop leaving your data unencrypted in your browser cache."

Digital Wallet Feature
"Securely store your payment types in Dashlane’s online wallet. Get express checkout and flawless form filling everywhere you shop online. Automatically capture receipts of all your purchases. Always have your digital wallet on you, and never have to store your credit cards on sites that you don't completely trust."

Download Now
[/spoiler]


[spoiler=Google Extension uMatrix]
"Point & click to forbid/allow any class of requests made by your browser. Use it to block scripts, iframes, ads, facebook, etc. uMatrix: A point-and-click matrix-based firewall, with many privacy-enhancing tools. For experienced users, uMatrix put you in full control of where your browser is allowed to connect, what type of data it is allowed to download, and what it is allowed to execute. Nobody else decides for you: You choose. You are in full control of your privacy. Out of the box, uMatrix works in relax block-all/allow-exceptionally mode, meaning web sites which require 3rd-party scripts are likely to be "broken". With two clicks, uMatrix can be set to work in allow-all/block-exceptionally mode, which generally will not break web sites. See ALL the remote connections, failed or attempted, depending on whether they were blocked or allowed (you decide). A single-click to whitelist/blacklist one or multiple classes of requests according to the destination and type of data (a blocked request will NEVER leave your browser). Efficient blacklisting: cookies won't leave your browser, JavaScript won't execute, plugins won't play, tracking pixels won't download, etc."
[/spoiler]


[spoiler=Prcoess Explorer]
[Image: LA9T4aM.png]
"Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded. The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded. The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work."


From my accordings, I believe that Process Explorer is most dominant than any other 3rd party task manager; including the well know Process Hacker. It has came to my attention that Process Explorer also has some extra features that some other 3rd party task managers do not.



Download Process Explorer
[/spoiler]


[spoiler=VPN]
This may not be a handy feature for you however you always want to remain anonymous on the internet, you don't want to get associated with anything proven harmful to you, which is why it's recommend to use a VPN or VPS.

  • A VPN, which stands for Virtual Private Network, is a technology that creates a secure network connection over a public network such as the Internet. Or, to put it a different way, a VPN enables you to send encrypted data over networks that were unencrypted prior to your sending said data. I'll just send you a couple recommendations.
  • A virtual private server (VPS) is a virtual machine sold as a service by an Internet hosting service. A VPS runs its own copy of an operating system, and customers have superuser-level access to that operating system instance, so they can install almost any software that runs on that OS.




OpenVPN
"Encrypts data transfer to prevent spoofing and malicious man-in-the middle attacks. Applies obfuscation techniques to unblock access from regions across the globe. Developed by the OpenVPN team and trusted by enterprise businesses for mission critical applications."

Cyberghost VPN
"CyberGhost is a fast, simple and efficient way to protect your online privacy, surf anonymously and access blocked or censored content. It offers top-notch security and anonymity without being complicated to use or slowing down your internet connection. Internet was first created as an environment where everybody could express their opinion and have unrestricted access to information while remaining anonymous. And we believe it should stay that way! CyberGhost VPN hides your IP and replaces it with one of your choice. This way, you surf anonymously. We encrypt your connection and don't keep logs, so you don't have to worry about the security of your data. With CyberGhost VPN you gain access to censored or geo-restricted content from all around the world."

IPVanish
"IPVanish is the only true tier-1 VPN service in the world. This means we deliver the best VPN speeds, the most secure connections and the most competitive pricing anywhere. Our VPN network spans 25,000+ IPs on 225+ servers in 60+ countries, giving you the ability to surf anonymously and access blocked websites from every corner of the globe.IPVanish provides a secure environment for everyday web use. Once you establish a VPN connection all of your online data (emails, instant messages, data transfers, online banking) pass through our encrypted tunnel. Services like Netflix, Hulu, and YouTube provide content based on location. Use IPVanish to grab an anonymous IP address and appear to be at whatever location you choose. You can watch whatever you want from wherever you want. VOIP providers, like Vonage, and other long distance communication companies, like Skype, often base their business on charging higher fees for international calls. With IPVanish you can choose your country of origin and keep those bills lower. When you're connected to IPVanish, your IP address and location disappear and are replaced with an IPVanish IP address. You can prevent online marketers, search engines and websites from analyzing and using your IP address or location. Use IPVanish mobile apps to prevent your personal data (mobile banking, emails, social media, etc.) from being stolen by hackers. Our VPN apps keep your data safe. International censorship and corporate firewalls can prevent you from accessing many of the sites you frequent at home, such as Facebook and Twitter. Keep your online freedom by using IPVanish VPN. ISPs often employ Deep Packet Inspection to snoop on your Internet traffic and limit your Internet speed, including video streaming speeds, based on your Internet usage. IPVanish prevents Deep Packet Inspection and helps you maintain your privacy."
[/spoiler]


[spoiler=Netlimiter]
[Image: HPof9tp.png]

"Set download and upload priorities for any process running on your computer's, add network filters and rules and apply them with just a click from one single control panel. Control remotely every aspect of the traffic flow in your home or office network. Set advanced rules and filters, edit network priorities for running processes and do many other operations on your machine or on a group of machines based on tags."


Download Netlimiter
[/spoiler]






Since some members have decided to carelessly post their malicious software in the Program Section, we thought it was only right to post this to regard anything and everything you need to know to ensure everything runs smoothly with your computer. Firstly, stated that every program you release on these forums should be accompanied by a virus scan, regardless of any other extension. We also advise all members to scan the program themselves. If you catch someone posting a fake scan, please report it and that member will be dealt with and the program removed. Keep in mind if a program is not accompanied by a legitimate virustotal scan link we advise you to refrain from downloading anything that's been featured in the user's thread. Punishments will be finalized based on your various offences and how dire your situation could cause essentially. Furthermore the steps below will give you various steps to protect yourself. Firstly, we recommend you to accompany yourself with an antivirus with significant standards able to protect your PC at all times. Personally, I recommend Bitdefender or Kaspersky. From my experience, they both prove that they are most than eligible to protect your PC, but any other antivirus will work just as fine; perhaps even with greater quality. Another step to to prove legitimacy based on the file of uploading the file or file(s) to Virustotal yourself. No one can guarantee that the Virustotal scan itself is legitimate unless the details are equivalent with the file. Upload it to VirusTotal.com. It’s an online virus scanner that scans it with 41 different antiviruses. If more than 6 antiviruses pick it up, then it is most likely contains a virus; if only one or two pick it up, it is most likely just false positives. You can also test it in a sandboxie, which sandboxie would be the case. You can run it safely in there safely and know for sure if a RAT is accompanied by the mentioned program. If by some chance you have been infected, (which is pretty low of contingent), the most safest way is to reformat your hard drive. You may other ways such as running “Microsoft Malicious Software Removal Tool.” or relying on an antivirus to solve your problem, however you can never confirm if it's been removed. I've additionally featured some programs that are quite handy to most situations.




Sandboxie
"Enter Sandboxie, which lets you run programs independent of the rest of your system. That way they can't infect, access, or otherwise interfere with your Windows installation. It's also great for testing apps you aren't sure of or running multiple instances of an app that won't let you, so it's fun for the whole family."

Valkyrie (Comodo)
"If you have a Portable Executable (PE) file (.exe, .dll, .sys etc) that you would like to be analysed, please upload it using the form below. Within seconds, detailed detection results will be displayed in the 'Static' and 'Dynamic' tabs. Users will also see an 'overall' security verdict for the file prominently displayed at the top of the page."

Virustotal
"VirusTotal will scan, and detect, if appropriate, any type of binary content, be it a Windows executable, Android APKs, PDFs, images, javascript code, etc. Most of the antivirus companies involved in VirusTotal will have solutions for multiple platform, hence they usually produce detection signatures for any kind of malicious content."

Metascan Online
"Metascan is another substitute for Virustotal in the event of a complication associated with Virustotal. Metascan is a powerful and flexible solution for detecting and preventing known and unknown threats. ISVs, IT admins and malware researchers use Metascan to get easy access to multiple anti-malware engines at a single time, via a rich set of APIs. This technology is available through Metascan Online via the web interface and API, as well as through an on-premises version of Metascan that can be deployed in your own environment and even offline, with additional features like document sanitization available."

Anubis
"Anubis is a service for analyzing malicious software. Just like Virustotal however Anubis will go to great extents to review every detail of the malicious software could potentially cause. Submit your Windows executable or Android APK and receive an analysis report notifying you what it essentially does. Alternatively, submit a suspicious URL and receive a report that shows you all the activities of the Internet Explorer process when visiting this URL. Anubis is sponsored by Lastline, Inc., and Secure Business Austria, and developed by the International Secure Systems Lab. We are a small team of enthusiastic security professionals doing research in the field of computer security and malware analysis. Our goal is to provide interested and advanced computer users with a tool that helps in combating malware. This is why we provide this service free of charge. Note that access to Anubis is provided for internal use by end-users only. All other commercial uses are expressly prohibited. Note that many of the research ideas behind Anubis are brought to the next level by Lastline, Inc., a security company that brings our academic research to the market. Anubis is a tool for analyzing the behavior of Windows PE-executables with special focus on the analysis of malware. Execution of Anubis results in the generation of a report file that contains enough information to give a human user a very good impression about the purpose and the actions of the analyzed binary. The generated report includes detailed data about modifications made to the Windows registry or the file system, about interactions with the Windows Service Manager or other processes and of course it logs all generated network traffic. The analysis is based on running the binary in an emulated environment and watching i.e. analyzing its execution. The analysis focuses on the security-relevant aspects of a program's actions, which makes the analysis process easier and because the domain is more fine-grained it allows for more precise results. It is the ideal tool for the malware and virus interested person to get a quick understanding of the purpose of an unknown binary. Anubis is the result of more than three years of programming and research. We have designed Anubis to be an open framework for malware analysis that allows the easy integration of other tools and research artifacts. This will allow us to integrate new research prototypes produced by our group into Anubis as soon their code base is stable enough."


Payload Security - Recommended
"Today, malware attacks are becoming not only more sophisticated, but also more targeted. These targeted threats enter the landscape at a variety of levels, but often threats are sophisticated malware kits that are highly adaptive to a range of environments, equipped with exploit and custom code. The attackers aim at extracting intellectual property, critical business data (e.g. credit cards), insights on infrastructure or other key data. Thus, there is a strong demand for software systems that can extract and help understand malicious behavior. If companies can understand software involved on incidents, it is possible for them to adapt security policies more quickly and reveal additional weaknesses in the IT-security infrastructure. Consequently, it is necessary to constantly monitor the IT infrastructure, capture malicious code, understand and the implications and adapt accordingly. A term that describes this kind of cycle quite nicely is "Agile Security". It puts weight on the aspect that IT-security needs to be adaptive today. One key part for the solution to IT-security is a scalable, performance-oriented, fully automated malware analysis systems that incorporate complex algorithms, but at the same time are easy to use by a broad audience. Detecting threats is not enough, they need to be understood in-depth. At Payload Security, it is our goal to develop key technologies that can be used as part of malware analysis systems, threat grid systems, AV vendors or other monitoring systems that want to incorporate sophisticated, performance-oriented algorithms to get an edge over their competition. Our requirements are robustness, performance, scalability, adaptable interfaces and standardized output at an industry oriented level. Meeting these requirements, our software adds real value to your analysis system and allows you to adapt quickly to the constantly changing threat landscape. Please take your time and look around the web page as we are still growing. All of our software products are "Made in Germany". We are proud to say that all prototypes up to a marketable product have been implemented and designed on site in Germany. "Made in Germany" stands for quality, efficiency and precision. This is what we build our company upon, now and in the future."





And, thank you for reading my tutorial. I appreciate it and if you have any questions, concerns, or problems of any kind, do not hesitate to let me know. This thread will be updated if and when necessary.
Reply
#2
(01-15-2016 - 07:33 PM)Nix Wrote: [spoiler=Dashlane]
[Image: 1MEKohJ.png]
"Dashlane is basically a password manager. This is mainly just to assure that your passwords does not constitute a vulnerability against bruteforce attacks. Everyone that uses the web today faces some version of the password problem. Many know that their passwords are unsafe, either because they’re trivial to crack or they’re reused on several websites. Many others forget their passwords and stop using services, or shy away from new online services altogether – because remembering passwords and registering for new websites with new passwords is a pain. And these folks are also constantly annoyed by having to type out long strings of meaningless numbers, dates, and codes to conduct a simple act of buying online (or even more painfully, on their mobile device) – an act that is as simple as a swipe in the physical world. We created Dashlane to solve these problems with one neat solution that is simple, secure, and universal. Our users don’t trade security for convenience – they get both. We created Dashlane because we are on a mission to fix the internet.

Password Manager Feature
"Keeping track of passwords and making them secure is startlingly simple with Dashlane’s free password manager. Automatically import your passwords from Chrome or any other browser into your secure password vault. Save any missing passwords as you browse. Make a new password right within your browser. Get automatic alerts when websites get breached. And with our auto-login, you will never have to type any password on any of your devices again. It’s that simple."

Autofill Feature
"Smart form autofill that works – not some of the time, or even most of the time – every time. Stop wasting time checking if everything filled right, and correcting all the mistakes. Stop leaving your data unencrypted in your browser cache."

Digital Wallet Feature
"Securely store your payment types in Dashlane’s online wallet. Get express checkout and flawless form filling everywhere you shop online. Automatically capture receipts of all your purchases. Always have your digital wallet on you, and never have to store your credit cards on sites that you don't completely trust."

Download Now
[/spoiler]


[spoiler=Google Extension uMatrix]
"Point & click to forbid/allow any class of requests made by your browser. Use it to block scripts, iframes, ads, facebook, etc. uMatrix: A point-and-click matrix-based firewall, with many privacy-enhancing tools. For experienced users, uMatrix put you in full control of where your browser is allowed to connect, what type of data it is allowed to download, and what it is allowed to execute. Nobody else decides for you: You choose. You are in full control of your privacy. Out of the box, uMatrix works in relax block-all/allow-exceptionally mode, meaning web sites which require 3rd-party scripts are likely to be "broken". With two clicks, uMatrix can be set to work in allow-all/block-exceptionally mode, which generally will not break web sites. See ALL the remote connections, failed or attempted, depending on whether they were blocked or allowed (you decide). A single-click to whitelist/blacklist one or multiple classes of requests according to the destination and type of data (a blocked request will NEVER leave your browser). Efficient blacklisting: cookies won't leave your browser, JavaScript won't execute, plugins won't play, tracking pixels won't download, etc."
[/spoiler]


[spoiler=Prcoess Explorer]
[Image: LA9T4aM.png]
"Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded. The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded. The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work."


From my accordings, I believe that Process Explorer is most dominant than any other 3rd party task manager; including the well know Process Hacker. It has came to my attention that Process Explorer also has some extra features that some other 3rd party task managers do not.



Download Process Explorer
[/spoiler]


[spoiler=VPN]
This may not be a handy feature for you however you always want to remain anonymous on the internet, you don't want to get associated with anything proven harmful to you, which is why it's recommend to use a VPN or VPS.

  • A VPN, which stands for Virtual Private Network, is a technology that creates a secure network connection over a public network such as the Internet. Or, to put it a different way, a VPN enables you to send encrypted data over networks that were unencrypted prior to your sending said data. I'll just send you a couple recommendations.
  • A virtual private server (VPS) is a virtual machine sold as a service by an Internet hosting service. A VPS runs its own copy of an operating system, and customers have superuser-level access to that operating system instance, so they can install almost any software that runs on that OS.




OpenVPN
"Encrypts data transfer to prevent spoofing and malicious man-in-the middle attacks. Applies obfuscation techniques to unblock access from regions across the globe. Developed by the OpenVPN team and trusted by enterprise businesses for mission critical applications."

Cyberghost VPN
"CyberGhost is a fast, simple and efficient way to protect your online privacy, surf anonymously and access blocked or censored content. It offers top-notch security and anonymity without being complicated to use or slowing down your internet connection. Internet was first created as an environment where everybody could express their opinion and have unrestricted access to information while remaining anonymous. And we believe it should stay that way! CyberGhost VPN hides your IP and replaces it with one of your choice. This way, you surf anonymously. We encrypt your connection and don't keep logs, so you don't have to worry about the security of your data. With CyberGhost VPN you gain access to censored or geo-restricted content from all around the world."

IPVanish
"IPVanish is the only true tier-1 VPN service in the world. This means we deliver the best VPN speeds, the most secure connections and the most competitive pricing anywhere. Our VPN network spans 25,000+ IPs on 225+ servers in 60+ countries, giving you the ability to surf anonymously and access blocked websites from every corner of the globe.IPVanish provides a secure environment for everyday web use. Once you establish a VPN connection all of your online data (emails, instant messages, data transfers, online banking) pass through our encrypted tunnel. Services like Netflix, Hulu, and YouTube provide content based on location. Use IPVanish to grab an anonymous IP address and appear to be at whatever location you choose. You can watch whatever you want from wherever you want. VOIP providers, like Vonage, and other long distance communication companies, like Skype, often base their business on charging higher fees for international calls. With IPVanish you can choose your country of origin and keep those bills lower. When you're connected to IPVanish, your IP address and location disappear and are replaced with an IPVanish IP address. You can prevent online marketers, search engines and websites from analyzing and using your IP address or location. Use IPVanish mobile apps to prevent your personal data (mobile banking, emails, social media, etc.) from being stolen by hackers. Our VPN apps keep your data safe. International censorship and corporate firewalls can prevent you from accessing many of the sites you frequent at home, such as Facebook and Twitter. Keep your online freedom by using IPVanish VPN. ISPs often employ Deep Packet Inspection to snoop on your Internet traffic and limit your Internet speed, including video streaming speeds, based on your Internet usage. IPVanish prevents Deep Packet Inspection and helps you maintain your privacy."
[/spoiler]


[spoiler=Netlimiter]
[Image: HPof9tp.png]

"Set download and upload priorities for any process running on your computer's, add network filters and rules and apply them with just a click from one single control panel. Control remotely every aspect of the traffic flow in your home or office network. Set advanced rules and filters, edit network priorities for running processes and do many other operations on your machine or on a group of machines based on tags."


Download Netlimiter
[/spoiler]






Since some members have decided to carelessly post their malicious software in the Program Section, we thought it was only right to post this to regard anything and everything you need to know to ensure everything runs smoothly with your computer. Firstly, stated that every program you release on these forums should be accompanied by a virus scan, regardless of any other extension. We also advise all members to scan the program themselves. If you catch someone posting a fake scan, please report it and that member will be dealt with and the program removed. Keep in mind if a program is not accompanied by a legitimate virustotal scan link we advise you to refrain from downloading anything that's been featured in the user's thread. Punishments will be finalized based on your various offences and how dire your situation could cause essentially. Furthermore the steps below will give you various steps to protect yourself. Firstly, we recommend you to accompany yourself with an antivirus with significant standards able to protect your PC at all times. Personally, I recommend Bitdefender or Kaspersky. From my experience, they both prove that they are most than eligible to protect your PC, but any other antivirus will work just as fine; perhaps even with greater quality. Another step to to prove legitimacy based on the file of uploading the file or file(s) to Virustotal yourself. No one can guarantee that the Virustotal scan itself is legitimate unless the details are equivalent with the file. Upload it to VirusTotal.com. It’s an online virus scanner that scans it with 41 different antiviruses. If more than 6 antiviruses pick it up, then it is most likely contains a virus; if only one or two pick it up, it is most likely just false positives. You can also test it in a sandboxie, which sandboxie would be the case. You can run it safely in there safely and know for sure if a RAT is accompanied by the mentioned program. If by some chance you have been infected, (which is pretty low of contingent), the most safest way is to reformat your hard drive. You may other ways such as running “Microsoft Malicious Software Removal Tool.” or relying on an antivirus to solve your problem, however you can never confirm if it's been removed. I've additionally featured some programs that are quite handy to most situations.




Sandboxie
"Enter Sandboxie, which lets you run programs independent of the rest of your system. That way they can't infect, access, or otherwise interfere with your Windows installation. It's also great for testing apps you aren't sure of or running multiple instances of an app that won't let you, so it's fun for the whole family."

Valkyrie (Comodo)
"If you have a Portable Executable (PE) file (.exe, .dll, .sys etc) that you would like to be analysed, please upload it using the form below. Within seconds, detailed detection results will be displayed in the 'Static' and 'Dynamic' tabs. Users will also see an 'overall' security verdict for the file prominently displayed at the top of the page."

Virustotal
"VirusTotal will scan, and detect, if appropriate, any type of binary content, be it a Windows executable, Android APKs, PDFs, images, javascript code, etc. Most of the antivirus companies involved in VirusTotal will have solutions for multiple platform, hence they usually produce detection signatures for any kind of malicious content."

Metascan Online
"Metascan is another substitute for Virustotal in the event of a complication associated with Virustotal. Metascan is a powerful and flexible solution for detecting and preventing known and unknown threats. ISVs, IT admins and malware researchers use Metascan to get easy access to multiple anti-malware engines at a single time, via a rich set of APIs. This technology is available through Metascan Online via the web interface and API, as well as through an on-premises version of Metascan that can be deployed in your own environment and even offline, with additional features like document sanitization available."

Anubis
"Anubis is a service for analyzing malicious software. Just like Virustotal however Anubis will go to great extents to review every detail of the malicious software could potentially cause. Submit your Windows executable or Android APK and receive an analysis report notifying you what it essentially does. Alternatively, submit a suspicious URL and receive a report that shows you all the activities of the Internet Explorer process when visiting this URL. Anubis is sponsored by Lastline, Inc., and Secure Business Austria, and developed by the International Secure Systems Lab. We are a small team of enthusiastic security professionals doing research in the field of computer security and malware analysis. Our goal is to provide interested and advanced computer users with a tool that helps in combating malware. This is why we provide this service free of charge. Note that access to Anubis is provided for internal use by end-users only. All other commercial uses are expressly prohibited. Note that many of the research ideas behind Anubis are brought to the next level by Lastline, Inc., a security company that brings our academic research to the market. Anubis is a tool for analyzing the behavior of Windows PE-executables with special focus on the analysis of malware. Execution of Anubis results in the generation of a report file that contains enough information to give a human user a very good impression about the purpose and the actions of the analyzed binary. The generated report includes detailed data about modifications made to the Windows registry or the file system, about interactions with the Windows Service Manager or other processes and of course it logs all generated network traffic. The analysis is based on running the binary in an emulated environment and watching i.e. analyzing its execution. The analysis focuses on the security-relevant aspects of a program's actions, which makes the analysis process easier and because the domain is more fine-grained it allows for more precise results. It is the ideal tool for the malware and virus interested person to get a quick understanding of the purpose of an unknown binary. Anubis is the result of more than three years of programming and research. We have designed Anubis to be an open framework for malware analysis that allows the easy integration of other tools and research artifacts. This will allow us to integrate new research prototypes produced by our group into Anubis as soon their code base is stable enough."


Payload Security - Recommended
"Today, malware attacks are becoming not only more sophisticated, but also more targeted. These targeted threats enter the landscape at a variety of levels, but often threats are sophisticated malware kits that are highly adaptive to a range of environments, equipped with exploit and custom code. The attackers aim at extracting intellectual property, critical business data (e.g. credit cards), insights on infrastructure or other key data. Thus, there is a strong demand for software systems that can extract and help understand malicious behavior. If companies can understand software involved on incidents, it is possible for them to adapt security policies more quickly and reveal additional weaknesses in the IT-security infrastructure. Consequently, it is necessary to constantly monitor the IT infrastructure, capture malicious code, understand and the implications and adapt accordingly. A term that describes this kind of cycle quite nicely is "Agile Security". It puts weight on the aspect that IT-security needs to be adaptive today. One key part for the solution to IT-security is a scalable, performance-oriented, fully automated malware analysis systems that incorporate complex algorithms, but at the same time are easy to use by a broad audience. Detecting threats is not enough, they need to be understood in-depth. At Payload Security, it is our goal to develop key technologies that can be used as part of malware analysis systems, threat grid systems, AV vendors or other monitoring systems that want to incorporate sophisticated, performance-oriented algorithms to get an edge over their competition. Our requirements are robustness, performance, scalability, adaptable interfaces and standardized output at an industry oriented level. Meeting these requirements, our software adds real value to your analysis system and allows you to adapt quickly to the constantly changing threat landscape. Please take your time and look around the web page as we are still growing. All of our software products are "Made in Germany". We are proud to say that all prototypes up to a marketable product have been implemented and designed on site in Germany. "Made in Germany" stands for quality, efficiency and precision. This is what we build our company upon, now and in the future."





And, thank you for reading my tutorial. I appreciate it and if you have any questions, concerns, or problems of any kind, do not hesitate to let me know. This thread will be updated if and when necessary.
Reply

Users browsing: 1 Guest(s)