27 June 2011

Buster Sandbox Analyzer for Sandboxie

Buster Sandbox Analyzer is a tool designed to analyze the behaviour of processes and the changes they make to the system, and then evaluate whether they are suspicious as malware.
The changes made to the system can be of several types: file system changes, registry changes and port changes.
A file system change happens when a file is created, deleted or modified. Depending on what type of file has been created (executable, library, JavaScript, batch, etc.) and where it was created (which folder), we can get valuable information.
Registry changes are changes made to the Windows registry. Here we can get valuable information from the modified values and from the newly created or deleted registry keys.
Port changes occur when an outbound connection is made to other computers, or when a port is opened locally and starts listening for incoming connections.
From all these changes we obtain the information needed to evaluate the "risk" of some of the actions taken by sandboxed applications.
Watching all these operations in an easy and safe manner is possible thanks to Sandboxie (http://sandboxie.com), an excellent tool created by Ronen Tzur.
Although Buster Sandbox Analyzer's main goal is to evaluate whether sandboxed processes behave like malware, the tool can also be used simply to obtain a list of changes made to the system, so if you install a piece of software you will know exactly what it installs and where.


Apart from system changes, we can consider other actions suspicious as well: keyboard logging, ending the Windows session, loading a driver, starting a service, connecting to the Internet, etc.
All of the above operations can be considered non-malicious, but if they are performed when not expected, that is something we must take into consideration. It is therefore important to consider not only what actions are performed, but also whether it is reasonable for them to be performed.

UPX 3.08 x64 for Windows and 32bit binaries


A 64-bit executable of UPX version 3.08 Dev has been released alongside the traditional 32-bit version.

Homepage and program description


If you are not familiar with command-line tools, there is a great GUI that supports almost all UPX switches and parameters: Free UPX 1.4
Support for the 64-bit version can be added by replacing the upx.exe in the Free_UPX folder with the 64-bit one.


Compressing 64-bit Windows executables is not supported yet. Attempting it shows the error message "can't pack new-exe."


Dev Log
Summary log
Discussion

Downloads UPX 3.08 Dev:

x86: upx308w-dev.zip
x64: upx308w-x64-dev.zip
Download

26 June 2011

eMule v0.50a -XdP- v5.3


Changelog:
----------------
ADD : CountryBlock [block download from or upload to special editable countries | Friends and Community excluded!] (umeK)
ADD : new Prefpage with all advanced official preferences (umeK/MorphXT)
IMPROVE : enable/disable DL in bold on the fly [under advanced official prefs] (WiZaRd)
IMPROVE : rewritten Random Modstring code (umeK)
CHANGE : make "no server ads" switchable (umeK)
FIX : Client is always highid if we are connecting to them (Enig123)
FIX : Suifaker passing Ban because missing exclude from AntiUploaderBan calculation (umeK)
FIX/CHANGE : small changes on -XdP- prefspage [treecontrol] (umeK)
FIX/IMPROVE : rewritten and fixed Download Permissions code to work correctly with CountryBlock (umeK)
REMOVE : Drop Win95 support (MorphXT)
REMOVE : Remove MediaInfo 0.4 Support (DolphinX)
IMPROVE/CHANGE : more cleanings and changes around the source (umeK)



have fun !!!

Download

datei.to
ed2k download

----------------------------------------------------------------

visit www.sharing-devils.org

HHD Device Monitoring Studio review + Network Monitor 2 Licenses to GiveAway

Device Monitoring Studio (DMS) is a modular application, like Microsoft Management Console (mmc.exe) but on steroids.

DMS's main functions are as follows:

  • Monitoring Devices
  • Serial (built-in, virtual, etc...)
  • USB (storage, HID, etc...)
  • Network Connections (all protocols, packet filtering, etc...)
  • Serial Bridge (RS-232 DTE, MODBUS, PPP, etc...)
  • Logging and Log File Playback
  • Advanced Tools
  • Serial Terminal
  • Scripting

The features listed above are just the main ones.

DMS's modular design allows the user to configure a monitoring session with as many of the modules and tools as he or she wishes.

DMS also allows the user to control and configure how the data is filtered, processed, and displayed.

At first glance DMS looks complex and overwhelming, because of its countless features, but unlike many other software suites, DMS's modular design allows you easy access to complex functions whether you're a professional or a novice.







Here is a brief list of Network Monitor (DMS) advantages:


  1. Integration with the USB and Serial Port monitoring modules now forms the Device Monitoring Studio, a standalone software-only solution to monitor almost all ports and connections of the computer.
  2. Extreme performance for REAL TIME monitoring and analysis of all data exchanges.
  3. Statistics view for REAL TIME monitoring and analysis of data flows.
  4. Real-time data logging with the ability to replay the session later, even on a different PC.
  5. The product doesn't consume computer resources the way others do. It is also capable of handling fast transfers without delays.
  6. You can search for data patterns even in 10 - 100 Gb of monitored data!
  7. The flexible monitored data view shares its functionality with the famous Hex Editor Neo, including custom coloring and pattern highlighting.
  8. Multiple selection concept all over the data view.
  9. Custom data filtering.
  10. The most flexible pricing scheme available on the market. It will share similar price differentiation with the Serial or USB modules. Here is an example (please note: prices are subject to change): http://www.hhdsoftware.com/usb-monitor/prices

Reviewed by Matt

Homepage
More info


In cooperation with HHD Software we are giving away 2 single licenses of Network Monitor Professional Regular for non-commercial use (worth 97.05 EUR each).

To join this contest, download and install the trial version and post a meaningful comment about the software.

Share the news with your friends on Facebook/Twitter/Forums and Personal Blogs.

On 10 July 2011 we will draw 2 winners at random from all meaningful comments. Each wins a Network Monitor Professional Regular license for non-commercial use, and we will forward the winners' email addresses to HHD Software for the licenses.

Winners of a Hitman Pro 3 License

The winners of our contest for 10 Hitman Pro licenses are:

  1. numpayak@***
  2. dannykbox-0@***
  3. 162245915@***
  4. kaiser790@***
  5. modest_1@***
  6. natalia@***
  7. support@***
  8. axman@***
  9. tt1@***
  10. 1073892254@***

Congratulations!

We will send you a license key within the next 6 hours.


Download: http://www.surfright.nl/en/downloads/

25 June 2011

emule gifc 1.02b

An eMule-based program that can help people browse freely. This one can download the newest GIFC software automatically.
For more info, see: http://forums.internetfreedom.org/index.php?board=16.0

Blog for subscription by Email/RSS/Facebook/Twitter/GoogleBuzz

Emule-GIFC firewall circumvention and free browsing blog: http://emule-gifc.blogspot.com/

Changelog:

update with scareangel v4.1
change default directory to appdir under vista or upper

Homepage

ed2k://|file|GIFC_20110604_Ultra_1012.rar|1042203|EB4759BEFAA0C3525AAAA9682864F61B|/

ed2k://|file|GIFC_20110604_dweb_FreeU21.zip|1415528|B94EF7AF10046FF30EFAE57431A2F9E7|/

Binary Analysis report OK

Download
