Making complex data simple and compelling
From digital device to digital evidence
Unlock your vehicle's digital evidence potential
Forensic Analysis and Enhancement
Investigating and analyzing financial records
Gain access to the online accounts of deceased loved ones
Clear, precise evidence for a messy world
Expert reports to suit your specific needs
We can locate people anywhere
Stop worrying and learn the truth
Prevent, Detect, Respond To Cyberattacks
First response is crucial. Every minute counts.
The first response is critical to reduce liability
Detection & Removing Spyware Services
Reduce your electronic risk from digital transmittals
Find out who you are really talking to
Experienced, Confidential Services
Swift, professional incident response
Complicated cases require compelling digital facts
Find, recover and document digital evidence
Bring solid evidence before a judge
Cases can be investigated using Social Media
Divorce, custody battles, and other
Win the most important battle of your life
Everything you need
Effective Expert Witness in Court
Evidence shows who is telling the truth
Subpoena power yields strong evidence
Digital evidence can build a strong defense
Go to court with compelling digital evidence
Today I propose to get acquainted with LockBoxx’ post. He decided to share a collection of open-source, automated static and dynamic binary analysis tools that he covers. These tools include a myriad of static analysis, dynamic analysis, and reporting tools, which we will cover in-depth in the following article. His goal is for a useful set of internal tools and a great learning experience in both reverse engineering and building a micro-service architecture for automated analysis.
So, for the first pass in this binary analysis cluster, he chooses:
Viper is the main interface and database for storing the binary fillets, which allows you to automatically run other python modules for import, thus driving the core of all our automated analysis.
This is our main cluster for dynamically sandboxing binaries. Using the Cuckoo to drive this dynamic analysis of the sandbox allows you to run executable files, get rich virtual introspection machines, network traffic, and even dumping memory.
MISP is used as a user interface and integration of intelligence threats with software. OIRFP can subscribe to channels and enrich our other tools such as Viper and Cuckoo, which allows us to incorporate threatening intelligence channels in a controlled path.
The author describes in great detail his steps in the analysis. In conclusion, he recommends a presentation that goes through some of the things that you might want to automatically extract from your executables, either static or dynamically.
Please enter the result of the calculation above.
Save my name, email, and website in this browser for the next time I comment.
Speak to a Specialist Now
Get Help Now