Anubis is a service for analyzing malware.
http://anubis.iseclab.org
http://anubis.iseclab.org
Eureka is a binary static analysis preparation framework. It implements a novel binary unpacking strategy based on statistical bigram analysis and coarse-grained execution tracing. Eureka incorporates advanced API deobfuscation capabilities to facilitate the structural analysis of the underlying malware logic. For each uploaded binary, the Eureka service will attempt to unpack and (for Eureka I, disassemble; for Eureka II (not yet available), decompile) the binary, and will produce an annotated callgraph, subroutine/data index page, strings summary, and a list of embedded DNS entries.
http://eureka.cyber-ta.org
http://eureka.cyber-ta.org
Comodo’s online file analysis tool.
http://camas.comodo.com
http://camas.comodo.com
McAfee SiteAdvisor test websites for spyware, spam and scams so you can search, surf and shop more safely.
http://www.siteadvisor.com
http://www.siteadvisor.com
Ether provides Malware Analysis via Hardware Virtualization Extensions.
http://ether.gtisc.gatech.edu/web_unpack/
http://ether.gtisc.gatech.edu/web_unpack/
ThreatExpert is an advanced automated threat analysis system designed to analyze and report the behavior of computer viruses, worms, trojans, adware, spyware, and other security-related risks in a fully automated mode.
http://www.threatexpert.com/submit.aspx
http://www.threatexpert.com/submit.aspx
IPVoid allows users to scan an IP Address with multiple scanning services to facilitate the detection of IP Addresses that have committed malicious activity and to check if a website is hosted in a compromised server, used for spam, phishing or to host malicious content.
http://www.ipvoid.com
http://www.ipvoid.com
Netscty’s malware analysis sandbox tool performs cutting edge analysis of the potentially malicious file in our controlled environment. Our free online malicious software (malware) analysis tool provides a fast comprehensive evaluation of a variety of malware such as botnet software, viruses, spyware, trojans, and keyloggers.
http://netscty.com/malware-tool
http://netscty.com/malware-tool
JSUnpack Online – Online version of the stand-alone tool jsunpack.
http://jsunpack.jeek.org/dec/go
http://jsunpack.jeek.org/dec/go
CWSandbox is online service that runs file you submit through automated sandbox analysis.
http://www.rarst.net/web/cwsandbox/
http://www.rarst.net/web/cwsandbox/
Upload files that you suspect are malicious or infected by malicious components for instant analysis by Norman SandBox.
http://www.norman.com/security_center/security_tools/submit_file
http://www.norman.com/security_center/security_tools/submit_file
PDF Analyzer allows you to view PDF objects as hex/text, also provides PDF dissector and inspector engines and scanning for known exploits.
http://www.malwaretracker.com/pdf.php
http://www.malwaretracker.com/pdf.php
Sunbelt Sandbox is an approach to automatically analyze malware which is based on behavior analysis. Malware samples are executed for a finite time in a simulated environment, where all system calls are closely monitored.
http://mwanalysis.org
http://mwanalysis.org
GFI’s sunbelt online sandbox engine.
http://www.sunbeltsecurity.com/sandbox/
http://www.sunbeltsecurity.com/sandbox/
URLVoid allows users to scan a website address with multiple scanning engines such as Google Diagnostic, McAfee SiteAdvisor, Norton SafeWeb, MyWOT to facilitate the detection of possible dangerous websites.
http://www.urlvoid.com
http://www.urlvoid.com
Symantec’s reputation service Norton Safe Web.
http://safeweb.norton.com
http://safeweb.norton.com
The AVG LinkScanner Drop Zone lets you check the safety of individual web pages you are about to visit, also will examine the web page in real time to see whether it’s hiding any suspicious downloads.
http://www.avg.com.au/resources/web-page-scanner/
http://www.avg.com.au/resources/web-page-scanner/
Wepawet is a service for detecting and analyzing web-based malware. It currently handles Flash, JavaScript, and PDF files.
http://wepawet.iseclab.org
http://wepawet.iseclab.org
Joebox Sandbox.
http://www.joebox.org/samples.php
http://www.joebox.org/samples.php
With VirusTotal, send a file and see the detection according the AV vendors.
http://www.virustotal.com
http://www.virustotal.com
Novirusthanks is a ree service that allows users to upload and scan a file with multiple Antivirus engines. Users can also analyze a website url or a remote file with the option Scan Web Address.
http://www.novirusthanks.org/service/multi-engine-antivirus-scanner/
http://www.novirusthanks.org/service/multi-engine-antivirus-scanner/
Jotti’s malware scan is a free online service that enables you to scan suspicious files with several anti-virus programs. Scanners used are Linux versions; detection differences with Windows versions of the same scanners may occur due to implementation differences. There is a 20MB limit per file. Keep in mind that no security solution offers 100% protection, not even when it uses several anti-virus engines (for example, this scan service).
http://virusscan.jotti.org/en
http://virusscan.jotti.org/en
Feel free to propose other engines…
©2012, copyright BLACK BURN
0 comments:
Post a Comment