About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
Blogs
>>
jraber
's Blog
Created: Thursday, August 18 2011 10:01.06 CDT
Printer Friendly ...
Stealthy Profiling and Debugging of Malware
Author:
jraber
# Views:
2113
Here is a Windows driver I developed that I presented at Blackhat this year. Enjoy
Hades is a tool for dynamic application analysis on Microsoft Windows-based systems. It has function hooking capabilities similar to those of Microsoft Detours and WinAPIOverride (WAO), and it can also function as a debugger. It was developed to allow analysis of malware binaries that were able to detect Detours and WAO.
https://github.com/jnraber/Hades
Blog Comments
ROH
Posted: Thursday, August 25 2011 16:26.20 CDT
Does it work with Windows 7?
jraber
Posted: Wednesday, August 31 2011 08:39.43 CDT
I haven't had a chance to test that yet. Most of the time I am looking at malware on XP, however, in the next couple of weeks I will be looking at some on 7. As long as DEP is turned off it should work. Will let you know in a few weeks for sure
Jason Raber
Add New Comment
Comment:
There are
28,631
total registered users.
Recently Created Topics
windbg - olly/immunity
May/14
Reverse a WinRAR pac...
May/13
Add comments to resu...
May/10
can we code script ...
May/09
Type Casting Structu...
May/07
How to Reverse Engin...
May/03
Sulley on OS X (10.7)
May/01
Help me guys
May/01
IDA Resource Viewer ...
Apr/28
How do i use plugins...
Apr/27
Recent Forum Posts
windbg - olly/immunity
blowcheck
Help me guys
Olivier
Reverse a WinRAR pac...
NirIzr
windbg - olly/immunity
anonymouse
Reverse a WinRAR pac...
DriEm
Add comments to resu...
phn1x
IDA Resource Viewer ...
DriEm
Add comments to resu...
qiuhan
IDA Resource Viewer ...
waleeda...
IDA Resource Viewer ...
DriEm
Recent Blog Entries
waleedassar
Apr/20
OllyDbg NumberOfSections Crash
icegood
Apr/13
Advanced labels plugin for ...
waleedassar
Mar/31
GetModuleFileNameEx And Inf...
waleedassar
Mar/31
OllyDbg v1.10 And Wow64
waleedassar
Mar/29
OllyDbg Resource Table Pars...
More ...
Recent Blog Comments
raxen
on:
Mar/27
Anti-Dumping
Dallas
on:
Mar/22
ChapljaVM Code Obfuscator
Dallas
on:
Mar/22
Hack stuff, get paid
Dallas
on:
Mar/22
Exe Packer TAGGANT system f...
Dallas
on:
Mar/22
Olly2 SystemTray Plugin
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit
Printer Friendly ...
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}