mirror of https://github.com/kh4sh3i/Malware-Analysis.git (synced 2024-12-18 10:26:08 +00:00)
Update README.md
parent 7dc03df452
commit 68df1815ec
@ -149,6 +149,9 @@ A curated list of awesome malware analysis tools and resources
|
|||||||
* [yara](https://github.com/VirusTotal/yara)
|
* [yara](https://github.com/VirusTotal/yara)
|
||||||
* [Python 3.8.0](https://www.python.org/downloads/release/python-380/) - for ret-sync & ida module
|
* [Python 3.8.0](https://www.python.org/downloads/release/python-380/) - for ret-sync & ida module
|
||||||
* [yara-python](https://pypi.org/project/yara-python/) - require for ida module
|
* [yara-python](https://pypi.org/project/yara-python/) - require for ida module
|
||||||
|
* [ret-sync](https://github.com/bootleg/ret-sync) - ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### malicious Windows API
|
### malicious Windows API
|
||||||
* malware tye
|
* malware tye
|
||||||
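Review bot: The new ret-sync bullet is separated from the dependency that already refers to it: the "Python 3.8.0 ... for ret-sync & ida module" line sits two entries above, so a reader meets the requirement before the tool it belongs to. Either move the ret-sync entry directly after the yara line, next to its Python 3.8.0 prerequisite, or repeat the prerequisite in the new bullet, e.g. "* [ret-sync](https://github.com/bootleg/ret-sync) - synchronizes a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja; needs Python 3.8.0". While in this block, the adjacent context lines carry two typos worth fixing in the same commit: "require for ida module" should read "required for the IDA module", and "* malware tye" should read "* malware type".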
@ -190,6 +193,7 @@ A curated list of awesome malware analysis tools and resources
|
|||||||
* .pdb file is so important for detection function name and indexing of system dll that use in malware
|
* .pdb file is so important for detection function name and indexing of system dll that use in malware
|
||||||
* in vmware we can suspend vm and copy .vmem for memory analysis. the file size is equal to whole memory size
|
* in vmware we can suspend vm and copy .vmem for memory analysis. the file size is equal to whole memory size
|
||||||
* in ida pro use [tab] key to decompile code, use [x] key to find how many time item called in pe file
|
* in ida pro use [tab] key to decompile code, use [x] key to find how many time item called in pe file
|
||||||
|
* in x64dbg with [F9] key we jumping to entrypoint of program, main function, work with F7,F8 for jumping code
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
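Review bot: The added x64dbg bullet is ungrammatical and conflates two different locations: "we jumping to entrypoint of program, main function" reads as if F9 lands on main, whereas F9 in x64dbg is Run, which continues until the next breakpoint (with the default entry breakpoint enabled, that is the program entry point, not main). Suggest rewording to match the lowercase note style of the surrounding items: "* in x64dbg, [F9] runs to the next breakpoint (by default the program entry point); use [F7] to step into and [F8] to step over an instruction". That keeps the keystrokes the author listed while making clear what each one does.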