zhijie.chen's blog
What's new on PHoneyC (4): Try it out!
Hi all:
I have finished almost all the coding stuff of Project #1, now you can try out the new PHoneyC with shellcode/heapspray detection here:
http://code.google.com/p/phoneyc/source/browse/phoneyc#phoneyc/branches/phoneyc-honeyjs
Please feel free to report any bug or suggestion on shellcode/heapspray detection to me. Read more »
Twitter
Facebook
LinkedInWhat's new on phoneyc (3)--- Mid-term Evaluation
Mid-term Report on PHoneyC GSoC project 1
| Info: | See <https://www.honeynet.org/gsoc/project1> for project details. |
|---|---|
| Author: | Zhijie Chen (Joyan) <[email protected]> |
| Mentor: | Jose Nazario |
| Description: | Mid-term Report on PHoneyC GSoC project 1. This report describes what I have done on the PHoneyC's libemu integration for shellcode and heapspray detection during the first half of the GSoC. Till now, the main ideas on this feature has been fast-implemented (actually I mean poor coding style) and the whole flow works well, with some code rewriting and performance optimization needed in the future. |
What's new in phoneyc (2)--- Shellcode and Heapspray Dectection
Mon, 06/01/2009 - 15:37 — zhijie.chenHi folks:
I have done some basic shellcode and heapspray detection codes in the phoneyc's 'honeyjs' javascript engine (based on python-spidermonkey, with extra tracing and auditing works). And also I have made a presentation on the local honeynet chinese chapter last weeked. Details about my current approaches can be found on this slide: http://is.gd/J9QP
Z. Chen (Joyan) Read more »
What's new in phoneyc's shellcode detection (1)--- Tracing spidermonkey
Mon, 05/25/2009 - 08:18 — zhijie.chen1. Overview ------------------------------- Read more »
We are a 501c3 non-profit, all volunteer organization. Consider donating to support our forensic challenges, tools development, and research.