This post is by a banned member (Ogiejdjdjf) - Unhide
05 December, 2021 - 09:01 PM
Reply
(20 March, 2021 - 02:35 AM)anabahle Wrote: Show MoreThis package contains most of the software referenced in Practical Malware Analysis. Some of the software available in this pack can't be downloaded anywhere else currently.
WARNING: Please disregard the Virustotal link here (as I can't scan each file contained in this pack). There are malicious code samples provided in the labs. Poison Ivy is real C2 malware. Use extreme caution with this. The software part should be clean; however, to be safe run on a VM / Sandbox.
List of contained programs:
Show ContentSpoiler:
- MD5DEEP 4.4 and related tools (sha1deep, hashdeep, whirlpooldeep, etc) and 64-bit equivalents.
- WinMD5Free v1.20
- PEiD v0.95 with KANAL plugin
- Strings v2.52
- upx 3.91
- PEview v0.9.9
- Resource Hacker v4.2.5
- PEBrowse Professional v10.1.4
- PEBrowse64 Professional v6.3.1
- PE Explorer 1.99 R6 (Trial)
- Process Monitor (procmon) v3.2
- Process Explorer (procexp) v16.10
- Regshot v1.9.0
- ApateDNS v1.0
- Netcat (nc) 1.11 and 64-bit build
- Wireshark v2.0.3
- FakeNet 1.0c (INetSim alternative for Windows)
- Combined Volume Set of Intel® 64 and IA-32 Architectures Software Developer’s Manuals
- IDA Pro Free v5.0 with FindCrypt plugin, IDA Entropy Plugin
- Autoruns v13.51 and autorunsc
- OllyDbg v1.10 and v2.01d
- OllyDump Plugin
- WinDbg x86 and x64 v6.11.1.404
- Immunity Debugger (ImmDbg) v1.85
- SoftICE 4.05 for w98 and NT/XP (SEE FOOTER)
- SoftIceNT 4.2.7 (from 2.7 Driver Studio build) for XP (SEE FOOTER)
- OSR Driver Loader v3.0
- Poison Ivy RAT 2.3.2 (Password is “malware” with no quotes, if the exe is eaten by your AV)
- pwdump6 (as PwDump.exe)
- pwdump7
- Pass-The-Hash Toolkit v1.4
- Metasploit Framework v4.11.7
- PyCrypto (Requires Python 2.7)
- Snort 2.9.8.2
- ScoopyNG v1.0
- Mandiant Red Curtain 1.0
- ASPack 2.39 (Trial)
- PETite v2.4
- WinUPack v0.39 Final
- Themida 2.4.1.0 (Trial)
- shellcode_launcher.exe (Gone from practicalmalwareanalysis.com)
- Bochs 2.6.8
- Burp Suite 1.7.03
- CaptureBAT 2.0.0-5574
- Cuckoo 2.0-RC1 (Requires Python)
- CFF Explorer (As Explorer Suite 4)
- WinHex 18.8.0.0
- Import REConstructor (ImpREC) 1.7e
- LordPE 1.41 Deluxe
- Malcode Analyst Pack
- Memoryze 3.0
- OfficeMalScanner 0.5
- Zynamics BinDiff 4.20 (Key provided by Zynamics)
- pdfid.py and pdf-parser.py (Requires Python, obviously)
- Sandboxie v5.10
- Buster Sandbox Analyzer v1.88 Update 4
- TCPView v3.05
- The Sleuth Kit 4.2.0 for Windows
- VERA v0.3
- Volatility 2.5
- Yara v1.7.1 x86 and x64
thanks
This post is by a banned member (vittz666) - Unhide
21 December, 2021 - 02:40 PM
Reply
This post is by a banned member (rebruhkeys) - Unhide
22 December, 2021 - 01:08 AM
Reply
This post is by a banned member (CashoutNugad) - Unhide
13 May, 2022 - 02:29 PM
Reply
(20 March, 2021 - 02:35 AM)anabahle Wrote: Show MoreThis package contains most of the software referenced in Practical Malware Analysis. Some of the software available in this pack can't be downloaded anywhere else currently.
WARNING: Please disregard the Virustotal link here (as I can't scan each file contained in this pack). There are malicious code samples provided in the labs. Poison Ivy is real C2 malware. Use extreme caution with this. The software part should be clean; however, to be safe run on a VM / Sandbox.
List of contained programs:
Show ContentSpoiler:
- MD5DEEP 4.4 and related tools (sha1deep, hashdeep, whirlpooldeep, etc) and 64-bit equivalents.
- WinMD5Free v1.20
- PEiD v0.95 with KANAL plugin
- Strings v2.52
- upx 3.91
- PEview v0.9.9
- Resource Hacker v4.2.5
- PEBrowse Professional v10.1.4
- PEBrowse64 Professional v6.3.1
- PE Explorer 1.99 R6 (Trial)
- Process Monitor (procmon) v3.2
- Process Explorer (procexp) v16.10
- Regshot v1.9.0
- ApateDNS v1.0
- Netcat (nc) 1.11 and 64-bit build
- Wireshark v2.0.3
- FakeNet 1.0c (INetSim alternative for Windows)
- Combined Volume Set of Intel® 64 and IA-32 Architectures Software Developer’s Manuals
- IDA Pro Free v5.0 with FindCrypt plugin, IDA Entropy Plugin
- Autoruns v13.51 and autorunsc
- OllyDbg v1.10 and v2.01d
- OllyDump Plugin
- WinDbg x86 and x64 v6.11.1.404
- Immunity Debugger (ImmDbg) v1.85
- SoftICE 4.05 for w98 and NT/XP (SEE FOOTER)
- SoftIceNT 4.2.7 (from 2.7 Driver Studio build) for XP (SEE FOOTER)
- OSR Driver Loader v3.0
- Poison Ivy RAT 2.3.2 (Password is “malware” with no quotes, if the exe is eaten by your AV)
- pwdump6 (as PwDump.exe)
- pwdump7
- Pass-The-Hash Toolkit v1.4
- Metasploit Framework v4.11.7
- PyCrypto (Requires Python 2.7)
- Snort 2.9.8.2
- ScoopyNG v1.0
- Mandiant Red Curtain 1.0
- ASPack 2.39 (Trial)
- PETite v2.4
- WinUPack v0.39 Final
- Themida 2.4.1.0 (Trial)
- shellcode_launcher.exe (Gone from practicalmalwareanalysis.com)
- Bochs 2.6.8
- Burp Suite 1.7.03
- CaptureBAT 2.0.0-5574
- Cuckoo 2.0-RC1 (Requires Python)
- CFF Explorer (As Explorer Suite 4)
- WinHex 18.8.0.0
- Import REConstructor (ImpREC) 1.7e
- LordPE 1.41 Deluxe
- Malcode Analyst Pack
- Memoryze 3.0
- OfficeMalScanner 0.5
- Zynamics BinDiff 4.20 (Key provided by Zynamics)
- pdfid.py and pdf-parser.py (Requires Python, obviously)
- Sandboxie v5.10
- Buster Sandbox Analyzer v1.88 Update 4
- TCPView v3.05
- The Sleuth Kit 4.2.0 for Windows
- VERA v0.3
- Volatility 2.5
- Yara v1.7.1 x86 and x64
Thank u so much
This post is by a banned member (s3archin6) - Unhide
14 May, 2022 - 09:41 PM
Reply
This post is by a banned member (haydzen) - Unhide
04 June, 2022 - 07:29 AM
Reply
This post is by a banned member (Axurria) - Unhide
06 June, 2022 - 01:40 AM
Reply
This post is by a banned member (iqos) - Unhide
09 June, 2022 - 12:38 PM
Reply
(20 March, 2021 - 02:35 AM)anabahle Wrote: Show MoreThis package contains most of the software referenced in Practical Malware Analysis. Some of the software available in this pack can't be downloaded anywhere else currently.
WARNING: Please disregard the Virustotal link here (as I can't scan each file contained in this pack). There are malicious code samples provided in the labs. Poison Ivy is real C2 malware. Use extreme caution with this. The software part should be clean; however, to be safe run on a VM / Sandbox.
List of contained programs:
Show ContentSpoiler:
- MD5DEEP 4.4 and related tools (sha1deep, hashdeep, whirlpooldeep, etc) and 64-bit equivalents.
- WinMD5Free v1.20
- PEiD v0.95 with KANAL plugin
- Strings v2.52
- upx 3.91
- PEview v0.9.9
- Resource Hacker v4.2.5
- PEBrowse Professional v10.1.4
- PEBrowse64 Professional v6.3.1
- PE Explorer 1.99 R6 (Trial)
- Process Monitor (procmon) v3.2
- Process Explorer (procexp) v16.10
- Regshot v1.9.0
- ApateDNS v1.0
- Netcat (nc) 1.11 and 64-bit build
- Wireshark v2.0.3
- FakeNet 1.0c (INetSim alternative for Windows)
- Combined Volume Set of Intel® 64 and IA-32 Architectures Software Developer’s Manuals
- IDA Pro Free v5.0 with FindCrypt plugin, IDA Entropy Plugin
- Autoruns v13.51 and autorunsc
- OllyDbg v1.10 and v2.01d
- OllyDump Plugin
- WinDbg x86 and x64 v6.11.1.404
- Immunity Debugger (ImmDbg) v1.85
- SoftICE 4.05 for w98 and NT/XP (SEE FOOTER)
- SoftIceNT 4.2.7 (from 2.7 Driver Studio build) for XP (SEE FOOTER)
- OSR Driver Loader v3.0
- Poison Ivy RAT 2.3.2 (Password is “malware” with no quotes, if the exe is eaten by your AV)
- pwdump6 (as PwDump.exe)
- pwdump7
- Pass-The-Hash Toolkit v1.4
- Metasploit Framework v4.11.7
- PyCrypto (Requires Python 2.7)
- Snort 2.9.8.2
- ScoopyNG v1.0
- Mandiant Red Curtain 1.0
- ASPack 2.39 (Trial)
- PETite v2.4
- WinUPack v0.39 Final
- Themida 2.4.1.0 (Trial)
- shellcode_launcher.exe (Gone from practicalmalwareanalysis.com)
- Bochs 2.6.8
- Burp Suite 1.7.03
- CaptureBAT 2.0.0-5574
- Cuckoo 2.0-RC1 (Requires Python)
- CFF Explorer (As Explorer Suite 4)
- WinHex 18.8.0.0
- Import REConstructor (ImpREC) 1.7e
- LordPE 1.41 Deluxe
- Malcode Analyst Pack
- Memoryze 3.0
- OfficeMalScanner 0.5
- Zynamics BinDiff 4.20 (Key provided by Zynamics)
- pdfid.py and pdf-parser.py (Requires Python, obviously)
- Sandboxie v5.10
- Buster Sandbox Analyzer v1.88 Update 4
- TCPView v3.05
- The Sleuth Kit 4.2.0 for Windows
- VERA v0.3
- Volatility 2.5
- Yara v1.7.1 x86 and x64
Well I will check it thx
|