Welcome to the natural habitat of the Giraffe Honeynet Project, a chapter of the international Honeynet Project. Our main interest lies in developing code for applications in the area of honeynets and malware research. Some of our projects are:
As libemu had its second release (0.2.0) lately, I'll try to introduce it to the audience who has not heard about it yet.
libemu is a small library written in C offering basic x86 emulation and shellcode detection using GetPC heuristics.
Its intended use is within network intrusion detection/prevention systems and honeypots.
This post is split into four parts:
Emulation is an important technology in honeypots and honeynets. It's not always what we want, though, and here's why. As you might know, most bots perform attacks in multiple stages, i.e., they
Catching the exploit and providing a fake shell isn't too hard, as shown in this post. But we certainly don't want malware to get executed on our honeypot, not even in an emulated environment. Instead, we want to do different things with it, e.g., submit it to a central service for automated analysis.