Viper - Time to do malware research right

Viper is a binary analysis and management framework. Its fundamental objective is to provide a solution to easily organize your collection of malware and exploit samples as well as your collection of scripts you created or found over the time to facilitate your daily research. Think of it as a Metasploit for malware researchers: it provides a terminal interface that you can use to store, search and analyze arbitraty files with and a framework to easily create plugins of any sort.

Viper is written in Python and it requires Python 2.7 to function properly. In this documentation we will use Debian GNU/Linux based distributions, such as Ubuntu, as a reference platform. The following installation instructions should apply similarly to other distributions and possibly to Mac OS X as well, although it has not been properly tested

Viper is released under BSD 3-Clause license and is copyrighted by Claudio Guarnieri. The source code is available on GitHub, where also all development efforts and contributions are coordinated.

Comments

Fix HTTPS issue in browser - Burp Suite

If you get message "Software is Preventing Firefox From Safely Connecting to This Site. Most likely a safe site, but a secure connection could not be established. This issue is caused by The original certificate provided by the web server is untrusted., which is either software on your computer or your network." lets see the tutorial. 1. With Burp suite running, visit http://burp in your browser and click the "CA Certificate" link to download and save your Burp CA certificate. Remember where you save the Burp CA certificate.

Artillery - Binary Defense Project

Project Artillery is an open source project aimed at the detection of early warning indicators and attacks. The concept is that Artillery will spawn multiple ports on a system giving the attacker the idea that multiple ports are exposed. Additionally, Artillery actively monitors the filesystem for changes, brute force attacks, and other indicators of compromise. Artillery is a full suite for protection against attack on Linux and Windows based devices. It can be used as an early warning indicator of attackers on your network. Additionally, Artillery integrates into threat intelligence feeds which can notify when a previously seen attacker IP address has been identified. Artillery supports multiple configuration types, different versions of Linux, and can be deployed across multiple systems and events sent centrally. Artillery is a combination of a honeypot, monitoring tool, and alerting system. Eventually this will evolve into a hardening monitoring platform as well to detect ins...

How To Enable DNS over HTTPS

DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver. An alternative to DoH is the DNS over TLS (DoT) protocol, a similar standard for encrypting DNS queries, differing only in the methods used for encryption and delivery. On the basis of privacy and security, whether or not a superior protocol exists among the two is a matter of controversial debate, while others argue the merits of either depend on the specific use case. Benefits DoH improves privacy by hiding domain name lookups from someone lurking on public WiFi, your ISP, or anyone else on your local network. DoH, when enabled, ensures that your ISP cannot collect and sell personal information related to your br...

-=[ vYc0d Blog ]=-

Search This Blog