1. Good sites
http://bsa.isoftware.nl/
http://blog.michaelboman.org/2012/06/mart-malware-analyst-research-toolkit_25.html
http://contagiodump.blogspot.com/2011/11/nov-3-cve-2011-0611-1104statmentpdf.html
http://www.selectrealsecurity.com/malware-analysis
http://fumalwareanalysis.blogspot.com/
http://fumalwareanalysis.blogspot.com/p/malware-analysis-tutorials-reverse.html
2. Configure PDF scan
Update this file:
vim analyzer/windows/packages/pdf.py
p.execute(path="C:\\Program Files\\Adobe\\Reader 11.0\\Reader\\AcroRd32.exe", args=arg, suspended=True)