February 2, 2016

ARTDroid: an easy-to-use framework for hooking under ART

During Google Summer of Code 2015, in the Honeynet Project open-source org, Valerio Costamagna and Cong Zheng (mentor) worked on ARTDroid, an easy-to-use framework for hooking […]
January 9, 2014

Is Android malware served in theatres more sophisticated?

Pietro wrote a nice post about him finding Android malware while visiting the theatre. Thanks to Thug (thank you Angelo) and HoneyProxy, he was able to […]
January 7, 2014

Malware-serving theaters for your Android phones – Part 1

Some nights ago I was heading to a local theater with some (non-nerd) friends. We did not recall very well the address, so I brought out […]
June 9, 2013

Unveiling Dorothy2: a malware/botnet analysis framework written in Ruby.

Howdy all, I’ve the pleasure to *finally* unveil the second version of Dorothy: a malware/botnet analysis framework written in Ruby. Dorothy2 is a framework created for mass […]
May 7, 2012

Progress so far at the Network Analyzer

Although it is still time before the official coding period starts at GSoC 2012, I started to make my commits for the Network Analyzer project. […]
December 20, 2010

TaiWan Malware Analysis Net

Basically, TWMAN is an automated behavioral malware analysis environment to analyze malware targeted at Microsoft Windows, and it can develop a free and open […]
November 1, 2010

Forensic Challenge 6 – Analyzing Malicious Encoded PDF Files

Forensic Challenge 6: Analyzing Malicious Encoded PDF Files – (provided by Mahmud Ab Rahman and Ahmad Azizan Idris of the Malaysia chapter) A typical attack carried out with a maliciously encoded PDF file. Please submit your challenge solution via our form (please use the MS Word solution template or the Open Office solution template) by Tuesday, November 30, 2010. Results will be announced around the third week of December. Difficulty level: Intermediate. Available via the following link: English version. Challenge content: PDF […]
November 1, 2010

Forensic Challenge 6: Analyzing Malicious Encoded PDF Files

Forensic Challenge 6: Analyzing Malicious Encoded PDF Files – (provided by Mahmud Ab Rahman and Ahmad Azizan Idris of the Malaysia team) A typical attack carried out with a maliciously encoded PDF file. Please submit your challenge solution via our form (please use the MS Word solution template or the Open Office solution template) by Tuesday, November 30, 2010. Results will be announced around the third week of December. Difficulty level: Intermediate. Available via the following link: English version. Challenge content: PDF […]
May 24, 2010

Waledac’s Anti-Debugging Tricks

The latest spreading malware version of Waledac, a notorious spamming botnet that was taken down in a collaborative effort led by Microsoft earlier this year, […]