Search resource list
malware
- Wuhan University malicious code course materials (the best information security degree course in the country)
ValidateClass_1.3
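- ASP anti-malicious-registration engine (ValidateClass): an ASP class I wrote myself to prevent all kinds of bots from maliciously registering or posting spam. It is simple and convenient to call. After adopting it, you can drop the CAPTCHA if circumstances allow. Unless someone writes a bot specifically targeting this algorithm or registers by hand, registration is not allowed. 2011-02-19: extended the class methods and strengthened security; see the demo for details. 2011-02-22: added validation of the Referer attribute.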
20104141531383
- Rogue software scanning and removal source code. Platform: Windows
Cleanup
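- Detects and cleans up most known adware, toolbars and rogue software. Compared with other similar software, it cleans more conveniently and more thoroughly, and it is the only one in China that truly and completely removes all of the rogue software's registry entries and file records. There is no need to enter DOS, enter safe mode, or back up the registry; a single restart after cleaning completes the uninstall.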
Read_write_disk
- 1. Demonstrates a method that can bypass Kaspersky's real-time detection and write a virus to disk.
007
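- With the development of computers, more and more people use personal computers, and the mainstream operating system is Microsoft's Windows, which holds more than 90% of the PC operating system market. Problems have followed: more and more viruses, *, hacker programs, malicious programs, rogue software and spyware target this platform to steal and destroy user data. Research has found that most of these illegitimate programs use the registry to start automatically. So if we intercept their access to the registry, we can prevent them from starting and thereby protect user data. This design uses the SSDT Hook technique to intercept registry access. This interception technique is general-purpose and powerful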
up3.c
- unpacker to unpack some malware that was packed with an unknown cryptor,
up.c
- decrypt a piece of malware that had a part XOR-ed with a constant
up3a.c
- unpacker to unpack some malware that was packed with an unknown cryptor
up4.c
- unpacker to unpack some malware that was packed with an unknown cryptor,
MyKill
- A Trojan relocation program I wrote myself. It automatically finds Malware.QVM14.GEN Trojans and moves them to the E:\bak directory.
blaster
- it is the famous malware blaster1
npe_portable
- For reverse engineering and malware analysis
PyEmu src and docs
- PyEmu tries to provide a fully scriptable IA-32 emulator in python. The aim is for security researchers and malware analysis. By having a flexible community driven emulator in a high level language one can roll their own purpose driven scripts to s
RDG-Packer-Detector-v0.7.2-2014
- Universal packer detector for malware analysis
src
- A driver for Cuckoo Sandbox that performs kernel analysis during the execution of malware. There are many ways for a malware author to bypass Cuckoo detection: he can detect the hooks, hardcode the Nt* functions to avoid the hooks, detect the
knark-2.4.3-release
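- knark's main features are hiding files, hiding processes, redirecting program execution, hiding network connections, running commands as root, changing user IDs, and remote command execution (this feature is not yet complete; the author commented it out himself). It also has several rather useful traits, such as hiding the IFF_PROMISC bit in the SIOCGIFFLAGS flags (the entry that marks the interface as being in promiscuous mode), which prevents some tools that check whether a network card is in promiscuous mode from discovering the intrusion. In addition, it can use kill to send signal 31 to a process in order to hide it.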