Malware/Some ideas

From CSRRT-LU

To solve the problems described in the chapter Malware/Project description, I propose establishing a flexible framework of scripts for analyzing a piece of software. Each script has a given task and provides the information it retrieves to other scripts. If a problem occurs during analysis, another small script that solves it can be attached to the framework, and even the architecture can be changed without big modifications. Another big advantage is that external components such as code packers, disassemblers and debuggers can be easily integrated. To verify that everything is working correctly, I propose that the end user of the software analyzer can define for himself during which tasks he interacts with the analyzer, while other tasks are automated.
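A minimal sketch of such a framework, added here as an illustration and not code from CSRRT-LU: small stages share one results dictionary, a stage can be attached ahead of an existing one, and stages marked interactive ask the analyst before running. All names (`Pipeline`, the stage functions, `SAMPLE`) and the entropy threshold of 7.0 are assumptions.

```python
import hashlib
import math
import re
from collections import Counter

class Pipeline:
    """Runs small analysis stages in order; each stage sees earlier results."""
    def __init__(self, confirm=None):
        self.stages = []        # (name, func, interactive) tuples
        self.confirm = confirm  # analyst callback; None means fully automated

    def add(self, name, func, interactive=False, before=None):
        # Attach a stage at the end, or ahead of an existing stage.
        names = [s[0] for s in self.stages]
        index = names.index(before) if before else len(self.stages)
        self.stages.insert(index, (name, func, interactive))

    def run(self, sample):
        results = {"sample": sample}
        for name, func, interactive in self.stages:
            if interactive and self.confirm and not self.confirm(name, results):
                results[name] = "skipped by analyst"
                continue
            results[name] = func(results)
        return results

def sha256_stage(results):
    return hashlib.sha256(results["sample"]).hexdigest()

def entropy_stage(results):
    data = results["sample"]
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())

def strings_stage(results):
    # Uses the entropy stage's output: near-random data is probably packed.
    if results["entropy"] > 7.0:
        return []
    return [m.decode() for m in re.findall(rb"[ -~]{6,}", results["sample"])]

def default_pipeline(confirm=None):
    p = Pipeline(confirm)
    p.add("sha256", sha256_stage)
    p.add("entropy", entropy_stage)
    p.add("strings", strings_stage, interactive=True)
    return p

# Constructed sample bytes, not taken from any real binary.
SAMPLE = b"MZ\x00\x00http://example.invalid/update\x00" + bytes(range(16))
```

A wrapper around an external tool, such as a disassembler, would be one more stage function that stores the tool's output under its own key.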

It is clear that the performance of the software analyzer strongly depends on the existing tools available for analyzing software, that is, on the performance of the available debuggers, packers, disassemblers, etc. In the best case, the available tools provide interfaces through which they can be controlled by external software.