Wednesday, February 27, 2013

Hook Analyser 2.4 - Preview


Thought of sharing some of the updates on the Hook Analyser v2.4. The build is in-progress, and I'm  targeting for first week of March, for the release.

The new version will support the following -

  1. Dll Analysis - Now one could analyse DLL as well. This is part of static malware analysis module.
  2. Exe extractor - This module allows dumping executable from an active process. This also has an option to dump all executables, on running processes. This is a new module, and is in testing phase.
  3. Deep search module - The deep search module has been re-written, and can be used to search for  filename, paths,compiler patterns, backdoor patterns,shellcode etc. This is part of static malware analysis module. 
I will talk more about the modules, once I release it.

Till then, please continue using the  v 2.3 here

Screenshot of the new version (Hook Analyser v2.4) -

Thursday, February 14, 2013

Hook Analyser 2.3 - Released


Here is the new release of the Hook Analyser, v2.3.

Some of the updates/modules in the new release -

  1. New digger module - Allows dumping exes, dlls, and drivers from an executable to separate files.
  2. Packer detection module.
  3. Hexdump module.

Features of the project are -

  1. Spawn and Hook to Application - This feature allows analyst to spawn an application, and hook into it
  2. Hook to a specific running process - The option allows analyst to hook to a running (active) process.
  3. Perform quick static malware analysis - This module is one of the most interesting and useful module of Hook Analyser, which performs scanning on PE or Widows executable to identify potential malware traces.
  4. Application crash analysis - This module enables exploit researcher and/or application developer to analyse memory content when an application crashes.  

Project Download - Click Here

Project Paper Download - Click Here

Feel free to write me back ( if you've any feedback or thoughts.