-------- Courriel original -------- Objet: [NEW] security/floss Date: 10-03-2018 08:52 De: Remi Pointel <remi.poin...@xiri.fr> À: The OpenBSD ports mailing-list <ports@openbsd.org> Hi, attached is the port of floss: FireEye Labs Obfuscated String Solver. --------------------------------- $ pkg_info floss Information for inst:floss-1.5.0 Comment: FireEye Labs Obfuscated String Solver Description:The FireEye Labs Obfuscated String Solver (FLOSS) uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries. You can
use it just like strings.exe to enhance basic static analysis of unknown binaries.Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heuristic detections by obfuscating only key portions of an executable. Often, these portions are strings and resources used to configure domains, files, and other artifacts of an infection. These key features will not show up as plaintext in output of the strings.exe utility that is commonly used
during basic static analysis. Maintainer: Remi Pointel <rpoin...@openbsd.org> WWW: https://github.com/fireeye/flare-floss --------------------------------- Ok? Cheers, Remi.
floss-1.5.0.tar.gz
Description: GNU Zip compressed data
