FLARE Obfuscated String Solver (FLOSS)
The FLARE Obfuscated String Solver (FLOSS, formerly FireEye Labs Obfuscated String Solver) uses advanced static analysis techniques to automatically extract and deobfuscate all strings from malware binaries. You can use it just like strings.exe to enhance the basic static analysis of unknown binaries. Obfuscated Strings Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heuristic detections by obfuscating only key portions of an executable. Often, these portions are strings and resources used to configure domains, files, and other artifacts of an infection. These key features will not show up as plaintext in the output of the strings.exe utility that we commonly use during basic static analysis. FLOSS extracts all the following string types: - static strings: "regular" ASCII and UTF-16LE strings - stack strings: strings constructed on the stack at run-time - tight strings: a special form of stack strings, decoded on the stack - decoded strings: strings decoded in a function Please review the theory behind FLOSS [here](link). Our blog post talks more about the motivation behind FLOSS and details how the tool works. FLOSS version
FEATURES
ALTERNATIVES
GuardDog is a CLI tool for identifying malicious PyPI and npm packages through heuristics and Semgrep rules.
Interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features
Online Java decompiler tool with support for modern Java features.
A PowerShell module for interacting with VirusTotal to analyze suspicious files and URLs.
Collection of Python scripts for automating tasks and enhancing IDA Pro functionality
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.