This post is by a banned member (edwards2024) - Unhide
27 June, 2023 - 07:14 PM
Reply
This post is by a banned member (elliot1122) - Unhide
01 July, 2023 - 06:51 PM
Reply
This post is by a banned member (BLA121) - Unhide
02 July, 2023 - 03:28 PM
Reply
(20 March, 2021 - 02:35 AM)anabahle Wrote: Show MoreThis package contains most of the software referenced in Practical Malware Analysis. Some of the software available in this pack can't be downloaded anywhere else currently.
WARNING: Please disregard the Virustotal link here (as I can't scan each file contained in this pack). There are malicious code samples provided in the labs. Poison Ivy is real C2 malware. Use extreme caution with this. The software part should be clean; however, to be safe run on a VM / Sandbox.
List of contained programs:
Show ContentSpoiler:
- MD5DEEP 4.4 and related tools (sha1deep, hashdeep, whirlpooldeep, etc) and 64-bit equivalents.
- WinMD5Free v1.20
- PEiD v0.95 with KANAL plugin
- Strings v2.52
- upx 3.91
- PEview v0.9.9
- Resource Hacker v4.2.5
- PEBrowse Professional v10.1.4
- PEBrowse64 Professional v6.3.1
- PE Explorer 1.99 R6 (Trial)
- Process Monitor (procmon) v3.2
- Process Explorer (procexp) v16.10
- Regshot v1.9.0
- ApateDNS v1.0
- Netcat (nc) 1.11 and 64-bit build
- Wireshark v2.0.3
- FakeNet 1.0c (INetSim alternative for Windows)
- Combined Volume Set of Intel® 64 and IA-32 Architectures Software Developer’s Manuals
- IDA Pro Free v5.0 with FindCrypt plugin, IDA Entropy Plugin
- Autoruns v13.51 and autorunsc
- OllyDbg v1.10 and v2.01d
- OllyDump Plugin
- WinDbg x86 and x64 v6.11.1.404
- Immunity Debugger (ImmDbg) v1.85
- SoftICE 4.05 for w98 and NT/XP (SEE FOOTER)
- SoftIceNT 4.2.7 (from 2.7 Driver Studio build) for XP (SEE FOOTER)
- OSR Driver Loader v3.0
- Poison Ivy RAT 2.3.2 (Password is “malware” with no quotes, if the exe is eaten by your AV)
- pwdump6 (as PwDump.exe)
- pwdump7
- Pass-The-Hash Toolkit v1.4
- Metasploit Framework v4.11.7
- PyCrypto (Requires Python 2.7)
- Snort 2.9.8.2
- ScoopyNG v1.0
- Mandiant Red Curtain 1.0
- ASPack 2.39 (Trial)
- PETite v2.4
- WinUPack v0.39 Final
- Themida 2.4.1.0 (Trial)
- shellcode_launcher.exe (Gone from practicalmalwareanalysis.com)
- Bochs 2.6.8
- Burp Suite 1.7.03
- CaptureBAT 2.0.0-5574
- Cuckoo 2.0-RC1 (Requires Python)
- CFF Explorer (As Explorer Suite 4)
- WinHex 18.8.0.0
- Import REConstructor (ImpREC) 1.7e
- LordPE 1.41 Deluxe
- Malcode Analyst Pack
- Memoryze 3.0
- OfficeMalScanner 0.5
- Zynamics BinDiff 4.20 (Key provided by Zynamics)
- pdfid.py and pdf-parser.py (Requires Python, obviously)
- Sandboxie v5.10
- Buster Sandbox Analyzer v1.88 Update 4
- TCPView v3.05
- The Sleuth Kit 4.2.0 for Windows
- VERA v0.3
- Volatility 2.5
- Yara v1.7.1 x86 and x64
mmmm,,
This post is by a banned member (Pi3tass) - Unhide
16 August, 2023 - 02:19 PM
Reply
This post is by a banned member (frsy) - Unhide
16 August, 2023 - 05:32 PM
Reply
Lets see what happens if i run Poison Ivy lol jk
This post is by a banned member (LOO127634) - Unhide
05 September, 2023 - 03:22 PM
Reply
(20 March, 2021 - 02:35 AM)anabahle Wrote: Show MoreThis package contains most of the software referenced in Practical Malware Analysis. Some of the software available in this pack can't be downloaded anywhere else currently.
WARNING: Please disregard the Virustotal link here (as I can't scan each file contained in this pack). There are malicious code samples provided in the labs. Poison Ivy is real C2 malware. Use extreme caution with this. The software part should be clean; however, to be safe run on a VM / Sandbox.
List of contained programs:
Show ContentSpoiler:
- MD5DEEP 4.4 and related tools (sha1deep, hashdeep, whirlpooldeep, etc) and 64-bit equivalents.
- WinMD5Free v1.20
- PEiD v0.95 with KANAL plugin
- Strings v2.52
- upx 3.91
- PEview v0.9.9
- Resource Hacker v4.2.5
- PEBrowse Professional v10.1.4
- PEBrowse64 Professional v6.3.1
- PE Explorer 1.99 R6 (Trial)
- Process Monitor (procmon) v3.2
- Process Explorer (procexp) v16.10
- Regshot v1.9.0
- ApateDNS v1.0
- Netcat (nc) 1.11 and 64-bit build
- Wireshark v2.0.3
- FakeNet 1.0c (INetSim alternative for Windows)
- Combined Volume Set of Intel® 64 and IA-32 Architectures Software Developer’s Manuals
- IDA Pro Free v5.0 with FindCrypt plugin, IDA Entropy Plugin
- Autoruns v13.51 and autorunsc
- OllyDbg v1.10 and v2.01d
- OllyDump Plugin
- WinDbg x86 and x64 v6.11.1.404
- Immunity Debugger (ImmDbg) v1.85
- SoftICE 4.05 for w98 and NT/XP (SEE FOOTER)
- SoftIceNT 4.2.7 (from 2.7 Driver Studio build) for XP (SEE FOOTER)
- OSR Driver Loader v3.0
- Poison Ivy RAT 2.3.2 (Password is “malware” with no quotes, if the exe is eaten by your AV)
- pwdump6 (as PwDump.exe)
- pwdump7
- Pass-The-Hash Toolkit v1.4
- Metasploit Framework v4.11.7
- PyCrypto (Requires Python 2.7)
- Snort 2.9.8.2
- ScoopyNG v1.0
- Mandiant Red Curtain 1.0
- ASPack 2.39 (Trial)
- PETite v2.4
- WinUPack v0.39 Final
- Themida 2.4.1.0 (Trial)
- shellcode_launcher.exe (Gone from practicalmalwareanalysis.com)
- Bochs 2.6.8
- Burp Suite 1.7.03
- CaptureBAT 2.0.0-5574
- Cuckoo 2.0-RC1 (Requires Python)
- CFF Explorer (As Explorer Suite 4)
- WinHex 18.8.0.0
- Import REConstructor (ImpREC) 1.7e
- LordPE 1.41 Deluxe
- Malcode Analyst Pack
- Memoryze 3.0
- OfficeMalScanner 0.5
- Zynamics BinDiff 4.20 (Key provided by Zynamics)
- pdfid.py and pdf-parser.py (Requires Python, obviously)
- Sandboxie v5.10
- Buster Sandbox Analyzer v1.88 Update 4
- TCPView v3.05
- The Sleuth Kit 4.2.0 for Windows
- VERA v0.3
- Volatility 2.5
- Yara v1.7.1 x86 and x64
cool
This post is by a banned member (thepikap0p) - Unhide
13 September, 2023 - 08:15 AM
Reply
This post is by a banned member (Digo234) - Unhide
18 September, 2023 - 04:08 AM
Reply
(20 March, 2021 - 02:35 AM)anabahle Wrote: Show MoreThis package contains most of the software referenced in Practical Malware Analysis. Some of the software available in this pack can't be downloaded anywhere else currently.
WARNING: Please disregard the Virustotal link here (as I can't scan each file contained in this pack). There are malicious code samples provided in the labs. Poison Ivy is real C2 malware. Use extreme caution with this. The software part should be clean; however, to be safe run on a VM / Sandbox.
List of contained programs:
Show ContentSpoiler:
- MD5DEEP 4.4 and related tools (sha1deep, hashdeep, whirlpooldeep, etc) and 64-bit equivalents.
- WinMD5Free v1.20
- PEiD v0.95 with KANAL plugin
- Strings v2.52
- upx 3.91
- PEview v0.9.9
- Resource Hacker v4.2.5
- PEBrowse Professional v10.1.4
- PEBrowse64 Professional v6.3.1
- PE Explorer 1.99 R6 (Trial)
- Process Monitor (procmon) v3.2
- Process Explorer (procexp) v16.10
- Regshot v1.9.0
- ApateDNS v1.0
- Netcat (nc) 1.11 and 64-bit build
- Wireshark v2.0.3
- FakeNet 1.0c (INetSim alternative for Windows)
- Combined Volume Set of Intel® 64 and IA-32 Architectures Software Developer’s Manuals
- IDA Pro Free v5.0 with FindCrypt plugin, IDA Entropy Plugin
- Autoruns v13.51 and autorunsc
- OllyDbg v1.10 and v2.01d
- OllyDump Plugin
- WinDbg x86 and x64 v6.11.1.404
- Immunity Debugger (ImmDbg) v1.85
- SoftICE 4.05 for w98 and NT/XP (SEE FOOTER)
- SoftIceNT 4.2.7 (from 2.7 Driver Studio build) for XP (SEE FOOTER)
- OSR Driver Loader v3.0
- Poison Ivy RAT 2.3.2 (Password is “malware” with no quotes, if the exe is eaten by your AV)
- pwdump6 (as PwDump.exe)
- pwdump7
- Pass-The-Hash Toolkit v1.4
- Metasploit Framework v4.11.7
- PyCrypto (Requires Python 2.7)
- Snort 2.9.8.2
- ScoopyNG v1.0
- Mandiant Red Curtain 1.0
- ASPack 2.39 (Trial)
- PETite v2.4
- WinUPack v0.39 Final
- Themida 2.4.1.0 (Trial)
- shellcode_launcher.exe (Gone from practicalmalwareanalysis.com)
- Bochs 2.6.8
- Burp Suite 1.7.03
- CaptureBAT 2.0.0-5574
- Cuckoo 2.0-RC1 (Requires Python)
- CFF Explorer (As Explorer Suite 4)
- WinHex 18.8.0.0
- Import REConstructor (ImpREC) 1.7e
- LordPE 1.41 Deluxe
- Malcode Analyst Pack
- Memoryze 3.0
- OfficeMalScanner 0.5
- Zynamics BinDiff 4.20 (Key provided by Zynamics)
- pdfid.py and pdf-parser.py (Requires Python, obviously)
- Sandboxie v5.10
- Buster Sandbox Analyzer v1.88 Update 4
- TCPView v3.05
- The Sleuth Kit 4.2.0 for Windows
- VERA v0.3
- Volatility 2.5
- Yara v1.7.1 x86 and x64
ty
|