Hi all:
I have finished almost all the coding stuff of Project #1; you can now try out the new PHoneyC with shellcode/heapspray detection here:
http://code.google.com/p/phoneyc/source/browse/phoneyc#phoneyc/branches/phoneyc-honeyjs
Please feel free to report any bug or suggestion on shellcode/heapspray detection to me.
| Info: | See <https://www.honeynet.org/gsoc/project1> for project details. |
|---|---|
| Author: | Zhijie Chen (Joyan) <[email protected]> |
| Mentor: | Jose Nazario |
| Description: | Mid-term Report on PHoneyC GSoC project 1. This report describes what I have done on the PHoneyC's libemu integration for shellcode and heapspray detection during the first half of the GSoC. Till now, the main ideas on this feature have been fast-implemented (actually I mean poor coding style) and the whole flow works well, with some code rewriting and performance optimization needed in the future. |
Hi folks:
I have done some basic shellcode and heapspray detection code in PHoneyC's 'honeyjs' JavaScript engine (based on python-spidermonkey, with extra tracing and auditing work). I have also made a presentation at the local Honeynet Chinese chapter last weekend. Details about my current approaches can be found on this slide: http://is.gd/J9QP
Z. Chen (Joyan)
1. Overview
-------------------------------