[Repost] Malwasm Offline debugger for malware's reverse engineering
Posted: 2012-10-26 11:01 1442
Presentation
Malwasm is a tool based on Cuckoo Sandbox available here.
Malwasm was designed to help people that do reverse engineering. Malwasm step by step:
- the malware to analyse is executed through Cuckoo Sandbox
- during the execution, malwasm logs all activities of the malware with pintool
- all activities are stored in a database (Postgres)
- a web service is available to visualize and manage the data stored in the database
Features
Malwasm provides these features:
- offline programs debugging
- possibility to go back or forward in the execution's time (with a time slide bar)
- states of registers and flags
- values of the stack/heap/data
- "Following dump" options
- fully works in the browser
http://code.google.com/p/malwasm
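The "go back or forward in the execution's time" feature comes down to rebuilding machine state at a chosen step from the stored trace. The sketch below is an added example, not Malwasm's own code: the two-table schema, the function names and the trace rows are hypothetical, and an in-memory SQLite database stands in for Postgres so it runs offline.

```python
import sqlite3

# Constructed sample trace: (step, eip, {register: value written at that step}),
# in the shape a per-instruction tracer could emit. Not real malware output.
SAMPLE_TRACE = [
    (0, 0x401000, {"eax": 0x0, "ebx": 0x0, "esp": 0x12FF8C}),
    (1, 0x401002, {"eax": 0x5}),
    (2, 0x401007, {"esp": 0x12FF88}),
    (3, 0x401008, {"eax": 0x5A, "ebx": 0x1}),
    (4, 0x40100D, {"esp": 0x12FF8C}),
]

def build_store(trace):
    """Store only register writes (deltas) per step; hypothetical schema."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE ins (step INTEGER PRIMARY KEY, eip INTEGER)")
    db.execute("CREATE TABLE reg_write (step INTEGER, reg TEXT, value INTEGER,"
               " PRIMARY KEY (step, reg))")
    for step, eip, writes in trace:
        db.execute("INSERT INTO ins VALUES (?, ?)", (step, eip))
        db.executemany("INSERT INTO reg_write VALUES (?, ?, ?)",
                       [(step, reg, val) for reg, val in writes.items()])
    return db

def state_at(db, step):
    """Slider position -> full register state: last write to each register
    at or before `step`, so moving backward needs no re-execution."""
    row = db.execute("SELECT eip FROM ins WHERE step = ?", (step,)).fetchone()
    if row is None:
        raise KeyError(f"step {step} is not in the trace")
    regs = dict(db.execute(
        """SELECT w.reg, w.value FROM reg_write w
           JOIN (SELECT reg, MAX(step) AS s FROM reg_write
                 WHERE step <= ? GROUP BY reg) last
             ON last.reg = w.reg AND last.s = w.step""", (step,)))
    return {"eip": row[0], **regs}

def changed_between(db, a, b):
    """Registers whose value differs between two slider positions."""
    before, after = state_at(db, a), state_at(db, b)
    return {k: (before.get(k), v) for k, v in after.items() if before.get(k) != v}

if __name__ == "__main__":
    store = build_store(SAMPLE_TRACE)
    for pos in (4, 1):  # forward to the end, then back in time
        print(pos, {k: hex(v) for k, v in state_at(store, pos).items()})
```
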