Your bag of handy codez for malware researchers
- crypto - couple of wrappers around pycrypto and other (stolen/borrowed) crypto things, so far:
  - rc2
  - rc4 + key derivation from m$
  - rc6
  - spritz
  - rsa + pkcs
  - rolling xor
  - xor
  - xtea
  - serpent
- compression - same thing for compression algos so far:
  - lznt1
  - lzmat
  - gzip
  - aplib
- disasm - wrapper around capstone and some additions ;]
- malware - codez from malware so far:
  - isfb
- winapi - various things related to windows api:
  - resolve api name from hash
  - port of CryptExportKey/CryptImportKey returning object from mlib.crypto
- bits - various things that operate on bits
- hash - some old school hashes used in api resolving
- rnd - random wrappers
- memory - useful class for operations on blobs of data, reading bytes, dwords, etc.
- parse - parse all the things! especially m$ crypto keys
Do whatever you want with this, just remember to credit the authors and buy them beers when you meet them ;]
I wish...
If you have any questions, hit me up - mak@malwarelab.pl
--
Enjoy and Happy hacking!