Nytro

PortEx


[h=3]PortEx[/h]

[h=3]Welcome to PortEx[/h]

PortEx is a Java library for static malware analysis of portable executable files. PortEx is written in Java and Scala, but targeted at Java applications.

[h=3]Features (so far)[/h]

  • Reading Header information from: MSDOS Header, COFF File Header, Optional Header, Section Table
  • Dumping of: MSDOS Load Module, Sections, Overlay, embedded ZIP, JAR or .class files
  • Mapping of Data Directory Entries to the corresponding Section
  • Reading Standard Section Formats: Import Section, Resource Section, Export Section, Debug Section
  • Scanning for file anomalies, including usage of deprecated, reserved or wrong values
  • Scan for PEiD signatures or your own signature database
  • Scan for jar2exe or class2exe wrappers
  • Scan for Unicode and ASCII strings contained in the file
  • Overlay detection
  • Get a VirusTotal report

For more information have a look at PortEx Wiki and the Documentation

Source: https://katjahahn.github.io/PortEx/
