[Repost] Malwasm Offline debugger for malware's reverse engineering
Posted: 2012-10-26 11:01 1524
Malwasm Offline debugger for malware's reverse engineering
Presentation
Malwasm is a tool based on Cuckoo Sandbox available here.
Malwasm was designed to help people that do reverse engineering. Malwasm step by step:
the malware to analyse is executed through Cuckoo Sandbox
during the execution, malwasm logs all activities of the malware with pintool
all activities are stored in a database (Postgres)
a web service is available to visualize and manage the data stored in the database
Features
Malwasm provides these features:
offline programs debugging
possibility to go back or forward in the execution's time (with a time slide bar)
states of registers and flags
values of the stack/heap/data
"Following dump" options
fully works in the browser